Threat Encyclopedia

RA.FactoryTalk.RNADiagnosticsSrv.Insecure.Deserialization

Description

This indicates an attack attempt to exploit an Insecure Deserialization Vulnerability in Rockwell Automation FactoryTalk Diagnostics.
This vulnerability is due to insufficient validation of serialized data sent to the RNADiagnosticsSrv endpoint. A remote unauthenticated attacker could exploit this vulnerability by sending a crafted serialized object to the target server. Successful exploitation can result in arbitrary code execution in the security context of SYSTEM.

Affected Products

Rockwell Automation FactoryTalk Diagnostics.

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.us-cert.gov/ics/advisories/icsa-20-051-02

CVE References

CVE-2020-6967

Other References

ICSA-20-051-02