CVE-2020-5807

HIGH Year: 2020
CVSS v3 Score
7.5
High
CVSS v2 Score
5.0
Medium
Weakness Type
CWE-755
View all →

Vulnerability Description

An unauthenticated remote attacker can send data to RsvcHost.exe listening on TCP port 5241 to add entries in the FactoryTalk Diagnostics event log. The attacker can specify long fields in the log entry, which can cause an unhandled exception in wcscpy_s() if a local user opens FactoryTalk Diagnostics Viewer (FTDiagViewer.exe) to view the log entry. Observed in FactoryTalk Diagnostics 6.11. All versions of FactoryTalk Diagnostics are affected.

Related Vulnerabilities

CVE-2011-4625

HIGH
CVSS:7.5(High)

simplesamlphp before 1.6.3 (squeeze) and before 1.8.2 (sid) incorrectly handles XML encryption which could allow remote attackers to decrypt or forge messages.

CWE-7552011

CVE-2012-1109

HIGH
CVSS:7.5(High)

mwlib 0.13 through 0.13.4 has a denial of service vulnerability when parsing #iferror magic functions

CWE-7552012

CVE-2015-2688

HIGH
CVSS:7.5(High)

buf_pullup in Tor before 0.2.4.26 and 0.2.5.x before 0.2.5.11 does not properly handle unexpected arrival times of buffers with invalid layouts, which allows remote attackers to cause a denial of serv...

CWE-7552015

CVE-2016-11026

HIGH
CVSS:7.5(High)

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. BootReceiver allows attackers to trigger a system crash because of incorrect exception handling. The Sa...

CWE-7552016

CVE-2017-13199

HIGH
CVSS:7.5(High)

In Bitmap.ccp if Bitmap.nativeCreate fails an out of memory exception is not thrown leading to a java.io.IOException later on. This could lead to a remote denial of service of a critical system proces...

CWE-7552017

CVE-2017-14178

HIGH
CVSS:7.5(High)

In snapd 2.27 through 2.29.2 the 'snap logs' command could be made to call journalctl without match arguments and therefore allow unprivileged, unauthenticated users to bypass systemd-journald's acces...

CWE-7552017