CVE-2020-25180

CWE-321 CWE-798 — Hard-coded Credentials3 documents3 sources

Severity

6.5MEDIUM

EPSS

0.1%

top 71.88%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Rockwellautomation Isagraf Runtime Schneider-electric Easergy C5 Firmware Schneider-electric Micom C264 Firmware +10 more

Timeline

PublishedMar 18

Latest updateMar 19

Description

Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x includes the functionality of setting a password that is required to execute privileged commands. The password value passed to ISaGRAF Runtime is the result of encryption performed with a fixed key value using the tiny encryption algorithm (TEA) on an entered or saved password. A remote, unauthenticated attacker could pass their own encrypted password to the ISaGRAF 5 Runtime, which may result in information disclosure on the device.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 1.6 | Impact: 3.6

Affected Packages13 packages

▶NVDrockwellautomation/isagraf_runtime5.0 — 6.0

▶NVDrockwellautomation/isagraf_free_runtime6.6.8

▶CVEListV5rockwell_automation/isagraf_runtime4.x, 5.x+1

▶NVDrockwellautomation/aadvance_controller1.40

▶NVDxylem/multismart_firmware< 3.2.0

🔴Vulnerability Details

GHSA

GHSA-rq23-5rjf-c828: Rockwell Automation ISaGRAF Runtime Versions 4↗2022-03-19

▶

CVEList

Rockwell Automation ISaGRAF5 Runtime Use of Hard-coded Cryptographic Key↗2022-03-18

▶