Rockwell Automation FactoryTalk Services Platform is affected by a vulnerability that could allow an unauthenticated attacker on an adjacent network to execute remote COM objects with elevated privileges.
Understanding CVE-2020-12033
In all versions of Rockwell Automation FactoryTalk Services Platform, the redundancy host service (RdcyHost.exe) does not properly validate the identifiers supplied to it, which enables an unauthenticated attacker on an adjacent network to execute remote COM objects with elevated privileges.
What is CVE-2020-12033?
CVE-2020-12033 is a vulnerability in Rockwell Automation FactoryTalk Services Platform that allows an unauthenticated attacker on an adjacent network to execute remote COM objects with elevated privileges, because the redundancy host service does not adequately validate the identifiers supplied to it.
The Impact of CVE-2020-12033
An attacker on an adjacent network could exploit this vulnerability to execute remote COM objects with elevated privileges, potentially leading to unauthorized access to, and control of, the affected system.
Technical Details of CVE-2020-12033
Vulnerability Description
The redundancy host service (RdcyHost.exe) in all versions of Rockwell Automation FactoryTalk Services Platform fails to validate the identifiers supplied to it, allowing unauthorized remote execution of COM objects with elevated privileges.
Affected Systems and Versions
All versions of Rockwell Automation FactoryTalk Services Platform are affected; the vulnerable component is the redundancy host service (RdcyHost.exe).
Exploitation Mechanism
Because the redundancy host service (RdcyHost.exe) does not properly validate the identifiers supplied to it, an unauthenticated attacker on an adjacent network can cause it to execute remote COM objects with elevated privileges.
Mitigation and Prevention
Immediate Steps to Take
Long-Term Security Practices
Patching and Updates
Install the security patches and updates that Rockwell Automation provides to address this vulnerability as soon as they are available, and keep FactoryTalk Services Platform current thereafter.