CVE-2020-12038

IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFER CWE-119
A memory corruption vulnerability exists in the algorithm that matches square brackets in the EDS subsystem. This may allow an attacker to craft specialized EDS files to crash the EDSParser COM object, leading to denial-of-service conditions.

Risk Information

  • CVE ID
  • CVE-2020-12038
  • Vendor
  • Rockwell Automation
  • Product
  • EDS Subsystem
  • CVSS v3
  • 6.7