In Rockwell Automation FactoryTalk Services Platform, all versions, the redundancy host service (RdcyHost.exe) does not validate supplied identifiers, which could allow an unauthenticated, adjacent attacker to execute remote COM objects with elevated privileges.
References
Link | Resource |
---|---|
https://www.us-cert.gov/ics/advisories/icsa-20-170-04 | Third Party Advisory US Government Resource |
https://www.us-cert.gov/ics/advisories/icsa-20-170-04 | Third Party Advisory US Government Resource |
Configurations
History
21 Nov 2024, 04:59
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.us-cert.gov/ics/advisories/icsa-20-170-04 - Third Party Advisory, US Government Resource |
Information
Published : 2020-06-23 22:15
Updated : 2024-11-21 04:59
NVD link : CVE-2020-12033
Mitre link : CVE-2020-12033
CVE.ORG link : CVE-2020-12033
JSON object : View
Products Affected
rockwellautomation
- factorytalk_services_platform
CWE
CWE-20
Improper Input Validation