Sign-up

ID

VAR-202011-0741


CVE

CVE-2020-27253


TITLE

Rockwell Automation Made FactoryTalk Linx Multiple vulnerabilities in

Trust: 0.8

sources: JVNDB: JVNDB-2020-009655

DESCRIPTION

A flaw exists in the Ingress/Egress checks routine of FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to specifically craft a malicious packet resulting in a denial-of-service condition on the device. Rockwell Automation Provided by the company FactoryTalk Linx Is vulnerable to several vulnerabilities: ‥ * Improper input confirmation (CWE-20) - CVE-2020-27253 ‥ * Heap-based buffer overflow (CWE-122) - CVE-2020-27251 ‥ * Heap-based buffer overflow (CWE-122) - CVE-2020-27255The expected impact depends on each vulnerability, but it may be affected as follows. * FactoryTalk Linx There is a defect in the input / output check routine of the service, and a malicious packet is sent by a remote third party, which interferes with service operation. (DoS) Be in a state - CVE-2020-27253 * A remote third party sends a request with a malicious value for a parameter that specifies a port range and executes arbitrary code. - CVE-2020-27251 * A malicious attribute setting request is sent by a remote third party to steal sensitive information. Also, due to this information theft, ASLR ( Address space layout randomization ) Is bypassed - CVE-2020-27255. FactoryTalk Linx is a FactoryTalk Live Data server and communication service designed to transfer control system information from Allen-Bradley control products to Rockwell Automation FactoryTalk software product portfolio and Studio5000 design software. FactoryTalk Linx 6.11 and earlier versions of Ingress/Egress check routines have improper input validation vulnerabilities. Rockwell Automation FactoryTalk Linx is a set of industrial communication solutions from Rockwell Automation, USA. This product is mainly used for communication between small applications and large automation systems

Trust: 2.25

sources: NVD: CVE-2020-27253 // JVNDB: JVNDB-2020-009655 // CNVD: CNVD-2020-71209 // VULHUB: VHN-370729

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-71209

AFFECTED PRODUCTS

vendor:rockwellautomationmodel:factorytalk linxscope:lteversion:6.11

Trust: 1.0

vendor:rockwell automationmodel:factorytalk linxscope:eqversion:version 6.11

Trust: 0.8

vendor:rockwellmodel:automation factorytalk linxscope:lteversion:<=6.11

Trust: 0.6

sources: CNVD: CNVD-2020-71209 // JVNDB: JVNDB-2020-009655 // NVD: CVE-2020-27253

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-27253
value: HIGH

Trust: 1.0

IPA: JVNDB-2020-009655
value: HIGH

Trust: 0.8

JPCERT/CC: JVNDB-2020-009655
value: CRITICAL

Trust: 0.8

JPCERT/CC: JVNDB-2020-009655
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2020-71209
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202011-1836
value: HIGH

Trust: 0.6

VULHUB: VHN-370729
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2020-27253
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

CNVD: CNVD-2020-71209
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-370729
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-27253
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

IPA score: JVNDB-2020-009655
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

JPCERT/CC score: JVNDB-2020-009655
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

JPCERT/CC score: JVNDB-2020-009655
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2020-71209 // VULHUB: VHN-370729 // JVNDB: JVNDB-2020-009655 // JVNDB: JVNDB-2020-009655 // JVNDB: JVNDB-2020-009655 // CNNVD: CNNVD-202011-1836 // NVD: CVE-2020-27253

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

problemtype:CWE-122

Trust: 0.8

sources: VULHUB: VHN-370729 // JVNDB: JVNDB-2020-009655 // NVD: CVE-2020-27253

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202011-1836

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202011-1836

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-009655

PATCH
title:Patch Answer ID 1126433 (要ログイン)url:https://idp.rockwellautomation.com/adfs/ls/idpinitiatedsignon.aspx?RelayState=RPID%3Drockwellautomation.custhelp.com%26RelayState%3Danswers%2Fanswer_view%2Fa_id%2F1126433#__highlight
Trust: 0.8
title:ナレッジベース ID 546989 (要ログイン)url:https://idp.rockwellautomation.com/adfs/ls/idpinitiatedsignon.aspx?RelayState=RPID%3Drockwellautomation.custhelp.com%26RelayState%3Danswers%2Fanswer_view%2Fa_id%2F546989
Trust: 0.8
title:ナレッジベース ID 494865 (要ログイン)url:https://idp.rockwellautomation.com/adfs/ls/idpinitiatedsignon.aspx?RelayState=RPID%3Drockwellautomation.custhelp.com%26RelayState%3Danswers%2Fanswer_view%2Fa_id%2F494865
Trust: 0.8
title:Patch for FactoryTalk Linx improper input validation vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/242080
Trust: 0.6
title:Rockwell Automation FactoryTalk Linx Enter the fix for the verification error vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=135540
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-71209 // 
            
            
            
            JVNDB: JVNDB-2020-009655 // 
            
            
            
            CNNVD: CNNVD-202011-1836

EXTERNAL IDS
db:ICS CERTid:ICSA-20-329-01
Trust: 3.1
db:NVDid:CVE-2020-27253
Trust: 3.1
db:JVNid:JVNVU98689901
Trust: 0.8
db:JVNDBid:JVNDB-2020-009655
Trust: 0.8
db:CNVDid:CNVD-2020-71209
Trust: 0.6
db:AUSCERTid:ESB-2020.4170
Trust: 0.6
db:CNNVDid:CNNVD-202011-1836
Trust: 0.6
db:VULHUBid:VHN-370729
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2020-71209 // 
            
            
            
            VULHUB: VHN-370729 // 
            
            
            
            JVNDB: JVNDB-2020-009655 // 
            
            
            
            CNNVD: CNNVD-202011-1836 // 
            
            
            
            NVD: CVE-2020-27253

REFERENCES
url:https://us-cert.cisa.gov/ics/advisories/icsa-20-329-01
Trust: 3.1
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-27251
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-27253
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-27255
Trust: 0.8
url:https://jvn.jp/vu/jvnvu98689901
Trust: 0.8
url:https://www.auscert.org.au/bulletins/esb-2020.4170/
Trust: 0.6
url:https://nvd.nist.gov/vuln/detail/cve-2020-27253
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-71209 // 
            
            
            
            VULHUB: VHN-370729 // 
            
            
            
            JVNDB: JVNDB-2020-009655 // 
            
            
            
            CNNVD: CNNVD-202011-1836 // 
            
            
            
            NVD: CVE-2020-27253

SOURCES
db:CNVDid:CNVD-2020-71209
db:VULHUBid:VHN-370729
db:JVNDBid:JVNDB-2020-009655
db:CNNVDid:CNNVD-202011-1836
db:NVDid:CVE-2020-27253

LAST UPDATE DATE
2024-11-23T22:11:15.591000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2020-71209date:2020-12-14T00:00:00
db:VULHUBid:VHN-370729date:2020-11-30T00:00:00
db:JVNDBid:JVNDB-2020-009655date:2020-11-26T06:22:08
db:CNNVDid:CNNVD-202011-1836date:2020-12-02T00:00:00
db:NVDid:CVE-2020-27253date:2024-11-21T05:20:56.927

SOURCES RELEASE DATE
db:CNVDid:CNVD-2020-71209date:2020-11-24T00:00:00
db:VULHUBid:VHN-370729date:2020-11-26T00:00:00
db:JVNDBid:JVNDB-2020-009655date:2020-11-26T06:22:08
db:CNNVDid:CNNVD-202011-1836date:2020-11-24T00:00:00
db:NVDid:CVE-2020-27253date:2020-11-26T02:15:12.183