Sign-up

ID

VAR-202006-0322


CVE

CVE-2020-12033


TITLE

Rockwell Automation FactoryTalk Services Platform Input verification vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2020-007383

DESCRIPTION

In Rockwell Automation FactoryTalk Services Platform, all versions, the redundancy host service (RdcyHost.exe) does not validate supplied identifiers, which could allow an unauthenticated, adjacent attacker to execute remote COM objects with elevated privileges. Rockwell Automation FactoryTalk Services Platform There is an input verification vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation FactoryTalk View SE. Authentication is not required to exploit this vulnerability.The specific flaw exists within the AddAgent method. The issue results from a lack of authentication required to instantiate a COM object on the server. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. It provides routine services for applications, such as diagnostic information, health monitoring, and real-time data access

Trust: 2.97

sources: NVD: CVE-2020-12033 // JVNDB: JVNDB-2020-007383 // ZDI: ZDI-20-735 // CNVD: CNVD-2020-38692 // VULHUB: VHN-164671 // VULMON: CVE-2020-12033

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-38692

AFFECTED PRODUCTS

vendor:rockwellautomationmodel:factorytalk services platformscope:eqversion:*

Trust: 1.0

vendor:rockwell automationmodel:factorytalk services platformscope: - version: -

Trust: 0.8

vendor:rockwell automationmodel:factorytalk view sescope: - version: -

Trust: 0.7

vendor:rockwellmodel:automation factorytalk services platformscope: - version: -

Trust: 0.6

sources: ZDI: ZDI-20-735 // CNVD: CNVD-2020-38692 // JVNDB: JVNDB-2020-007383 // NVD: CVE-2020-12033

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-12033
value: HIGH

Trust: 1.0

NVD: JVNDB-2020-007383
value: HIGH

Trust: 0.8

ZDI: CVE-2020-12033
value: CRITICAL

Trust: 0.7

CNVD: CNVD-2020-38692
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202006-1211
value: HIGH

Trust: 0.6

VULHUB: VHN-164671
value: MEDIUM

Trust: 0.1

VULMON: CVE-2020-12033
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-12033
severity: MEDIUM
baseScore: 5.8
vectorString: AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 6.5
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: JVNDB-2020-007383
severity: MEDIUM
baseScore: 5.8
vectorString: AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector: ADJACENT NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2020-38692
severity: MEDIUM
baseScore: 5.8
vectorString: AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 6.5
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-164671
severity: MEDIUM
baseScore: 5.8
vectorString: AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 6.5
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-12033
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: JVNDB-2020-007383
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2020-12033
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-20-735 // CNVD: CNVD-2020-38692 // VULHUB: VHN-164671 // VULMON: CVE-2020-12033 // JVNDB: JVNDB-2020-007383 // CNNVD: CNNVD-202006-1211 // NVD: CVE-2020-12033

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-164671 // JVNDB: JVNDB-2020-007383 // NVD: CVE-2020-12033

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202006-1211

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202006-1211

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-007383

PATCH
title:Top Pageurl:https://www.rockwellautomation.com/en-us.html
Trust: 0.8
title:Rockwell Automation has issued an update to correct this vulnerability.url:https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1126946
Trust: 0.7
title:Patch for Rockwell Automation FactoryTalk Services Platform Input Verification Error Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/225401
Trust: 0.6
sources:
            
            
            ZDI: ZDI-20-735 // 
            
            
            
            CNVD: CNVD-2020-38692 // 
            
            
            
            JVNDB: JVNDB-2020-007383

EXTERNAL IDS
db:NVDid:CVE-2020-12033
Trust: 3.9
db:ICS CERTid:ICSA-20-170-04
Trust: 3.2
db:ZDIid:ZDI-20-735
Trust: 1.3
db:JVNid:JVNVU97172119
Trust: 0.8
db:JVNDBid:JVNDB-2020-007383
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-10299
Trust: 0.7
db:CNVDid:CNVD-2020-38692
Trust: 0.7
db:CNNVDid:CNNVD-202006-1211
Trust: 0.7
db:NSFOCUSid:47205
Trust: 0.6
db:AUSCERTid:ESB-2020.2143
Trust: 0.6
db:VULHUBid:VHN-164671
Trust: 0.1
db:VULMONid:CVE-2020-12033
Trust: 0.1
sources:
            
            
            ZDI: ZDI-20-735 // 
            
            
            
            CNVD: CNVD-2020-38692 // 
            
            
            
            VULHUB: VHN-164671 // 
            
            
            
            VULMON: CVE-2020-12033 // 
            
            
            
            JVNDB: JVNDB-2020-007383 // 
            
            
            
            CNNVD: CNNVD-202006-1211 // 
            
            
            
            NVD: CVE-2020-12033

REFERENCES
url:https://www.us-cert.gov/ics/advisories/icsa-20-170-04
Trust: 2.4
url:https://nvd.nist.gov/vuln/detail/cve-2020-12033
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-12033
Trust: 0.8
url:https://us-cert.cisa.gov/ics/advisories/icsa-20-170-04
Trust: 0.8
url:https://jvn.jp/vu/jvnvu97172119/
Trust: 0.8
url:https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1126946
Trust: 0.7
url:https://www.zerodayinitiative.com/advisories/zdi-20-735/
Trust: 0.6
url:http://www.nsfocus.net/vulndb/47205
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2020.2143/
Trust: 0.6
url:https://cwe.mitre.org/data/definitions/20.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            ZDI: ZDI-20-735 // 
            
            
            
            CNVD: CNVD-2020-38692 // 
            
            
            
            VULHUB: VHN-164671 // 
            
            
            
            VULMON: CVE-2020-12033 // 
            
            
            
            JVNDB: JVNDB-2020-007383 // 
            
            
            
            CNNVD: CNNVD-202006-1211 // 
            
            
            
            NVD: CVE-2020-12033

CREDITS
Sharon Brizinov, Amir Preminger of Claroty Research
Trust: 0.7
sources:
            
            
            ZDI: ZDI-20-735

SOURCES
db:ZDIid:ZDI-20-735
db:CNVDid:CNVD-2020-38692
db:VULHUBid:VHN-164671
db:VULMONid:CVE-2020-12033
db:JVNDBid:JVNDB-2020-007383
db:CNNVDid:CNNVD-202006-1211
db:NVDid:CVE-2020-12033

LAST UPDATE DATE
2024-11-23T21:59:09.763000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-20-735date:2020-06-22T00:00:00
db:CNVDid:CNVD-2020-38692date:2020-07-14T00:00:00
db:VULHUBid:VHN-164671date:2020-07-06T00:00:00
db:VULMONid:CVE-2020-12033date:2020-07-06T00:00:00
db:JVNDBid:JVNDB-2020-007383date:2020-08-11T00:00:00
db:CNNVDid:CNNVD-202006-1211date:2020-07-23T00:00:00
db:NVDid:CVE-2020-12033date:2024-11-21T04:59:09.173

SOURCES RELEASE DATE
db:ZDIid:ZDI-20-735date:2020-06-22T00:00:00
db:CNVDid:CNVD-2020-38692date:2020-07-14T00:00:00
db:VULHUBid:VHN-164671date:2020-06-23T00:00:00
db:VULMONid:CVE-2020-12033date:2020-06-23T00:00:00
db:JVNDBid:JVNDB-2020-007383date:2020-08-11T00:00:00
db:CNNVDid:CNNVD-202006-1211date:2020-06-18T00:00:00
db:NVDid:CVE-2020-12033date:2020-06-23T22:15:14.057