CVE-2020-6967

Summary

In Rockwell Automation all versions of FactoryTalk Diagnostics software, a subsystem of the FactoryTalk Services Platform, FactoryTalk Diagnostics exposes a .NET Remoting endpoint via RNADiagnosticsSrv.exe at TCPtcp/8082, which can insecurely deserialize untrusted data.

Affected Software

VendorProductVersion RangeStatus
n/aRockwell Automation All versions of FactoryTalk Diagnostics software, a subsystem of the FactoryTalk Services PlatformRockwell Automation All versions of FactoryTalk Diagnostics software, a subsystem of the FactoryTalk Services Platformaffected

Weaknesses

  • CWE-502: DESERIALIZATION OF UNTRUSTED DATA CWE-502

ADP Enrichment

CVE Program Container

Additional References

References