CVE-2020-12005

UNRESTRICTED UPLOAD OF FILE WITH DANGEROUS TYPE CWE-434
A vulnerability exists in the communication function that enables users to upload EDS files by FactoryTalk Linx. This may allow an attacker to upload a file with bad compression, consuming all the available CPU resources, leading to a denial-of-service condition.

Risk Information

  • CVE ID
  • CVE-2020-12005
  • Vendor
  • Rockwell Automation
  • Product
  • FactoryTalk Linx
  • CVSS v3
  • 7.5