Details of VAR-202012-1433

ID

VAR-202012-1433

CVE

CVE-2020-5806

TITLE

FactoryTalk Linx Vulnerability in resource allocation without restrictions or throttling in

Trust: 0.8

sources: JVNDB: JVNDB-2020-014971

DESCRIPTION

An attacker-controlled memory allocation size can be passed to the C++ new operator in the CServerManager::HandleBrowseLoadIconStreamRequest in messaging.dll. This can be done by sending a specially crafted message to 127.0.0.1:7153. Observed in FactoryTalk Linx 6.11. All versions of FactoryTalk Linx are affected. FactoryTalk Linx Is vulnerable to resource allocation without restrictions or throttling.Denial of service (DoS) It may be put into a state. Rockwell Automation FactoryTalk Linx is a set of industrial communication solutions from Rockwell Automation, USA. This product is mainly used for communication between small applications and large automation systems

Trust: 1.71

sources: NVD: CVE-2020-5806 // JVNDB: JVNDB-2020-014971 // VULHUB: VHN-183931

AFFECTED PRODUCTS

vendor:	rockwellautomation	model:	factorytalk linx	scope:	lte	version:	6.11	Trust: 1.0
vendor:	rockwell automation	model:	factorytalk linx	scope:	eq	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2020-014971 // NVD: CVE-2020-5806

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-5806
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2020-5806
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202012-1775
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-183931
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2020-5806
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-183931
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2020-5806
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2020-5806
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-183931 // JVNDB: JVNDB-2020-014971 // CNNVD: CNNVD-202012-1775 // NVD: CVE-2020-5806

PROBLEMTYPE DATA

problemtype:	CWE-770	Trust: 1.1
problemtype:	Allocation of resources without limits or throttling (CWE-770) [NVD Evaluation ]	Trust: 0.8

sources: VULHUB: VHN-183931 // JVNDB: JVNDB-2020-014971 // NVD: CVE-2020-5806

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202012-1775

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-202012-1775

PATCH

title:	Top Page	url:	https://www.rockwellautomation.com/	Trust: 0.8
title:	Rockwell Automation FactoryTalk Linx Fixes for code issue vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=138280	Trust: 0.6

sources: JVNDB: JVNDB-2020-014971 // CNNVD: CNNVD-202012-1775

EXTERNAL IDS

db:	TENABLE	id:	TRA-2020-71	Trust: 2.5
db:	NVD	id:	CVE-2020-5806	Trust: 2.5
db:	JVN	id:	JVNVU98988953	Trust: 0.8
db:	JVNDB	id:	JVNDB-2020-014971	Trust: 0.8
db:	CNNVD	id:	CNNVD-202012-1775	Trust: 0.7
db:	AUSCERT	id:	ESB-2021.0327	Trust: 0.6
db:	ICS CERT	id:	ICSA-21-028-01	Trust: 0.6
db:	VULHUB	id:	VHN-183931	Trust: 0.1

sources: VULHUB: VHN-183931 // JVNDB: JVNDB-2020-014971 // CNNVD: CNNVD-202012-1775 // NVD: CVE-2020-5806

REFERENCES

url:	https://www.tenable.com/security/research/tra-2020-71	Trust: 2.5
url:	https://nvd.nist.gov/vuln/detail/cve-2020-5806	Trust: 1.4
url:	https://jvn.jp/vu/jvnvu98988953/	Trust: 0.8
url:	https://us-cert.cisa.gov/ics/advisories/icsa-21-028-01	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.0327/	Trust: 0.6

sources: VULHUB: VHN-183931 // JVNDB: JVNDB-2020-014971 // CNNVD: CNNVD-202012-1775 // NVD: CVE-2020-5806

SOURCES

db:	VULHUB	id:	VHN-183931
db:	JVNDB	id:	JVNDB-2020-014971
db:	CNNVD	id:	CNNVD-202012-1775
db:	NVD	id:	CVE-2020-5806

LAST UPDATE DATE

2024-11-23T21:35:01.240000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-183931	date:	2020-12-30T00:00:00
db:	JVNDB	id:	JVNDB-2020-014971	date:	2021-09-06T08:38:00
db:	CNNVD	id:	CNNVD-202012-1775	date:	2021-02-01T00:00:00
db:	NVD	id:	CVE-2020-5806	date:	2024-11-21T05:34:37.870

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-183931	date:	2020-12-29T00:00:00
db:	JVNDB	id:	JVNDB-2020-014971	date:	2021-09-06T00:00:00
db:	CNNVD	id:	CNNVD-202012-1775	date:	2020-12-29T00:00:00
db:	NVD	id:	CVE-2020-5806	date:	2020-12-29T16:15:14.887