mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-07 11:06:19 +00:00
928 B
928 B
CVE-2020-5802
Description
An attacker-controlled memory allocation size can be passed to the C++ new operator in RnaDaSvr.dll by sending a specially crafted ConfigureItems message to TCP port 4241. This will cause an unhandled exception, resulting in termination of RSLinxNG.exe. Observed in FactoryTalk 6.11. All versions of FactoryTalk Linx are affected.
POC
Reference
- https://www.tenable.com/security/research/tra-2020-71
- https://www.tenable.com/security/research/tra-2020-71
Github
No PoCs found on GitHub currently.