CVE-2020-12005
UNRESTRICTED UPLOAD OF FILE WITH DANGEROUS TYPE CWE-434
A vulnerability exists in the communication function that enables users to upload EDS files by FactoryTalk Linx. This may allow an attacker to upload a file with bad compression, consuming all the available CPU resources, leading to a denial-of-service condition.
Risk Information
- CVE ID
- CVE-2020-12005
- Vendor
- Rockwell Automation
- Product
- FactoryTalk Linx
- CVSS v3
- 7.5