CVE-2020-6967

CVE-2020-6967

Vendor N/A

Product Rockwell Automation All versions of FactoryTalk Diagnostics software, a subsystem of the FactoryTalk Services Platform

Weakness CWE-502 · Unsafe deserialization

Published March 23, 2020

Last update August 4, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

In Rockwell Automation all versions of FactoryTalk Diagnostics software, a subsystem of the FactoryTalk Services Platform, FactoryTalk Diagnostics exposes a .NET Remoting endpoint via RNADiagnosticsSrv.exe at TCPtcp/8082, which can insecurely deserialize untrusted data.

Key dates

02Disclosure timeline

March 23, 2020 CVE published

August 4, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2020-6967

Related vulnerabilities

Identifiers

CVE CVE-2020-6967

CWE CWE-502

Affected versions

Vendor N/A

Product Rockwell Automation All versions of FactoryTalk Diagnostics software, a subsystem of the FactoryTalk Services Platform

Affected Rockwell Automation All versions of FactoryTalk Diagnostics software, a subsystem of the FactoryTalk

01Description

02Disclosure timeline

03References

04Related CVE