CVE-2020-27255

HIGH

FactoryTalk Linx <6.11 - Info Disclosure

Title source: llm

Description

A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to send malicious set attribute requests, which could result in the leaking of sensitive information. This information disclosure could lead to the bypass of address space layout randomization (ASLR).

References (1)

Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://us-cert.cisa.gov/ics/advisories/icsa-20-329-01

Scores

CVSS v3 7.5
EPSS 0.0152
EPSS Percentile 81.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-122
Status published
Products (1)
rockwellautomation/factorytalk_linx < 6.11
Published Nov 26, 2020
Tracked Since Feb 18, 2026