Sign-up

ID

VAR-202011-0742


CVE

CVE-2020-27255


TITLE

Rockwell Automation Made FactoryTalk Linx Multiple vulnerabilities in

Trust: 0.8

sources: JVNDB: JVNDB-2020-009655

DESCRIPTION

A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to send malicious set attribute requests, which could result in the leaking of sensitive information. This information disclosure could lead to the bypass of address space layout randomization (ASLR). Rockwell Automation Provided by the company FactoryTalk Linx Is vulnerable to several vulnerabilities: ‥ * Improper input confirmation (CWE-20) - CVE-2020-27253 ‥ * Heap-based buffer overflow (CWE-122) - CVE-2020-27251 ‥ * Heap-based buffer overflow (CWE-122) - CVE-2020-27255The expected impact depends on each vulnerability, but it may be affected as follows. * FactoryTalk Linx There is a defect in the input / output check routine of the service, and a malicious packet is sent by a remote third party, which interferes with service operation. (DoS) Be in a state - CVE-2020-27253 * A remote third party sends a request with a malicious value for a parameter that specifies a port range and executes arbitrary code. FactoryTalk Linx is a FactoryTalk Live Data server and communication service designed to transfer control system information from Allen-Bradley control products to Rockwell Automation FactoryTalk software product portfolio and Studio5000 design software. Rockwell Automation FactoryTalk Linx is a set of industrial communication solutions from Rockwell Automation, USA. This product is mainly used for communication between small applications and large automation systems

Trust: 2.34

sources: NVD: CVE-2020-27255 // JVNDB: JVNDB-2020-009655 // CNVD: CNVD-2020-71207 // VULHUB: VHN-370733 // VULMON: CVE-2020-27255

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-71207

AFFECTED PRODUCTS

vendor:rockwellautomationmodel:factorytalk linxscope:lteversion:6.11

Trust: 1.0

vendor:rockwell automationmodel:factorytalk linxscope:eqversion:version 6.11

Trust: 0.8

vendor:rockwellmodel:automation factorytalk linxscope:lteversion:<=6.11

Trust: 0.6

sources: CNVD: CNVD-2020-71207 // JVNDB: JVNDB-2020-009655 // NVD: CVE-2020-27255

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-27255
value: HIGH

Trust: 1.0

IPA: JVNDB-2020-009655
value: HIGH

Trust: 0.8

JPCERT/CC: JVNDB-2020-009655
value: CRITICAL

Trust: 0.8

JPCERT/CC: JVNDB-2020-009655
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2020-71207
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202011-1838
value: HIGH

Trust: 0.6

VULHUB: VHN-370733
value: MEDIUM

Trust: 0.1

VULMON: CVE-2020-27255
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-27255
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

CNVD: CNVD-2020-71207
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-370733
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-27255
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

IPA score: JVNDB-2020-009655
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

JPCERT/CC score: JVNDB-2020-009655
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

JPCERT/CC score: JVNDB-2020-009655
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2020-71207 // VULHUB: VHN-370733 // VULMON: CVE-2020-27255 // JVNDB: JVNDB-2020-009655 // JVNDB: JVNDB-2020-009655 // JVNDB: JVNDB-2020-009655 // CNNVD: CNNVD-202011-1838 // NVD: CVE-2020-27255

PROBLEMTYPE DATA

problemtype:CWE-122

Trust: 1.9

problemtype:CWE-20

Trust: 0.8

sources: VULHUB: VHN-370733 // JVNDB: JVNDB-2020-009655 // NVD: CVE-2020-27255

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202011-1838

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-202011-1838

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-009655

PATCH
title:Patch Answer ID 1126433 (要ログイン)url:https://idp.rockwellautomation.com/adfs/ls/idpinitiatedsignon.aspx?RelayState=RPID%3Drockwellautomation.custhelp.com%26RelayState%3Danswers%2Fanswer_view%2Fa_id%2F1126433#__highlight
Trust: 0.8
title:ナレッジベース ID 546989 (要ログイン)url:https://idp.rockwellautomation.com/adfs/ls/idpinitiatedsignon.aspx?RelayState=RPID%3Drockwellautomation.custhelp.com%26RelayState%3Danswers%2Fanswer_view%2Fa_id%2F546989
Trust: 0.8
title:ナレッジベース ID 494865 (要ログイン)url:https://idp.rockwellautomation.com/adfs/ls/idpinitiatedsignon.aspx?RelayState=RPID%3Drockwellautomation.custhelp.com%26RelayState%3Danswers%2Fanswer_view%2Fa_id%2F494865
Trust: 0.8
title:Patch for FactoryTalk Linx heap buffer overflow vulnerability (CNVD-2020-71207)url:https://www.cnvd.org.cn/patchInfo/show/242074
Trust: 0.6
title:Rockwell Automation FactoryTalk Linx Repair measures for information disclosure vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=135541
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-71207 // 
            
            
            
            JVNDB: JVNDB-2020-009655 // 
            
            
            
            CNNVD: CNNVD-202011-1838

EXTERNAL IDS
db:NVDid:CVE-2020-27255
Trust: 3.2
db:ICS CERTid:ICSA-20-329-01
Trust: 3.2
db:JVNid:JVNVU98689901
Trust: 0.8
db:JVNDBid:JVNDB-2020-009655
Trust: 0.8
db:CNNVDid:CNNVD-202011-1838
Trust: 0.7
db:CNVDid:CNVD-2020-71207
Trust: 0.6
db:AUSCERTid:ESB-2020.4170
Trust: 0.6
db:VULHUBid:VHN-370733
Trust: 0.1
db:VULMONid:CVE-2020-27255
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2020-71207 // 
            
            
            
            VULHUB: VHN-370733 // 
            
            
            
            VULMON: CVE-2020-27255 // 
            
            
            
            JVNDB: JVNDB-2020-009655 // 
            
            
            
            CNNVD: CNNVD-202011-1838 // 
            
            
            
            NVD: CVE-2020-27255

REFERENCES
url:https://us-cert.cisa.gov/ics/advisories/icsa-20-329-01
Trust: 3.2
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-27251
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-27253
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-27255
Trust: 0.8
url:https://jvn.jp/vu/jvnvu98689901
Trust: 0.8
url:https://www.auscert.org.au/bulletins/esb-2020.4170/
Trust: 0.6
url:https://nvd.nist.gov/vuln/detail/cve-2020-27255
Trust: 0.6
url:https://cwe.mitre.org/data/definitions/122.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2020-71207 // 
            
            
            
            VULHUB: VHN-370733 // 
            
            
            
            VULMON: CVE-2020-27255 // 
            
            
            
            JVNDB: JVNDB-2020-009655 // 
            
            
            
            CNNVD: CNNVD-202011-1838 // 
            
            
            
            NVD: CVE-2020-27255

SOURCES
db:CNVDid:CNVD-2020-71207
db:VULHUBid:VHN-370733
db:VULMONid:CVE-2020-27255
db:JVNDBid:JVNDB-2020-009655
db:CNNVDid:CNNVD-202011-1838
db:NVDid:CVE-2020-27255

LAST UPDATE DATE
2024-11-23T22:11:15.622000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2020-71207date:2020-12-14T00:00:00
db:VULHUBid:VHN-370733date:2020-11-30T00:00:00
db:VULMONid:CVE-2020-27255date:2020-11-30T00:00:00
db:JVNDBid:JVNDB-2020-009655date:2020-11-26T06:22:08
db:CNNVDid:CNNVD-202011-1838date:2020-12-02T00:00:00
db:NVDid:CVE-2020-27255date:2024-11-21T05:20:57.113

SOURCES RELEASE DATE
db:CNVDid:CNVD-2020-71207date:2020-11-24T00:00:00
db:VULHUBid:VHN-370733date:2020-11-26T00:00:00
db:VULMONid:CVE-2020-27255date:2020-11-26T00:00:00
db:JVNDBid:JVNDB-2020-009655date:2020-11-26T06:22:08
db:CNNVDid:CNNVD-202011-1838date:2020-11-24T00:00:00
db:NVDid:CVE-2020-27255date:2020-11-26T02:15:12.243