CVE-2020-11999

IMPROPER INPUT VALIDATION CWE-20
An exposed API call allows users to provide files to be processed without sanitation. This may allow an attacker to specify a filename to execute unauthorized code and modify files or data.

Risk Information

  • CVE ID
  • CVE-2020-11999
  • Vendor
  • Rockwell Automation
  • Product
  • FactoryTalk Linx
  • CVSS v3
  • 9.6