{"vulnerability": "CVE-2020-5806", "sightings": [{"uuid": "4b1b637d-c467-4146-be14-79e14ced0378", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-5806", "type": "seen", "source": "https://t.me/cibsecurity/21386", "content": "\u203c CVE-2020-5806 \u203c\n\nAn attacker-controlled memory allocation size can be passed to the C++ new operator in the CServerManager::HandleBrowseLoadIconStreamRequest in messaging.dll. This can be done by sending a specially crafted message to 127.0.0.1:7153. Observed in FactoryTalk Linx 6.11. All versions of FactoryTalk Linx are affected.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-29T18:29:36.000000Z"}]}