First published: Tue Dec 29 2020(Updated: )
An unauthenticated remote attacker can send data to RsvcHost.exe listening on TCP port 5241 to add entries in the FactoryTalk Diagnostics event log. The attacker can specify long fields in the log entry, which can cause an unhandled exception in wcscpy_s() if a local user opens FactoryTalk Diagnostics Viewer (FTDiagViewer.exe) to view the log entry. Observed in FactoryTalk Diagnostics 6.11. All versions of FactoryTalk Diagnostics are affected.
Credit: vulnreport@tenable.com
Affected Software | Affected Version | How to fix |
---|---|---|
Rockwell Automation FactoryTalk Diagnostics | <=6.11 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-5807 is classified as a medium severity vulnerability due to its potential to cause unhandled exceptions.
To fix CVE-2020-5807, users should apply the latest updates for Rockwell Automation FactoryTalk Diagnostics.
CVE-2020-5807 affects users of Rockwell Automation FactoryTalk Diagnostics version 6.11 and earlier.
The impact of CVE-2020-5807 includes potential denial of service if an attacker exploits the vulnerability.
No, CVE-2020-5807 can be exploited by an unauthenticated remote attacker.