CVE-2020-25180
published 2022-03-18CVE-2020-25180: Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x includes the functionality of setting a password that is required to execute privileged commands. The…
medium6.5CVSS 3.1
AVNACLPRNUIRSUCHINAN
Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x includes the functionality of setting a password that is required to execute privileged commands. The password value passed to ISaGRAF Runtime is the result of encryption performed with a fixed key value using the tiny encryption algorithm (TEA) on an entered or saved password. A remote, unauthenticated attacker could pass their own encrypted password to the ISaGRAF 5 Runtime, which may result in information disclosure on the device.
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rockwell_automation | isagraf_runtime | — | — |
| rockwell_automation | isagraf_runtime | — | — |
| rockwellautomation | aadvance_controller | <= 1.40 | — |
| rockwellautomation | isagraf_free_runtime | <= 6.6.8 | — |
| rockwellautomation | isagraf_runtime | >= 5.0 < 6.0 | 6.0 |
| schneider-electric | easergy_c5_firmware | < 1.1.0 | 1.1.0 |
| schneider-electric | easergy_t300_firmware | <= 2.7.1 | — |
| schneider-electric | epas_gtw_firmware | — | — |
| schneider-electric | micom_c264_firmware | < d6.1 | d6.1 |
| schneider-electric | pacis_gtw_firmware | — | — |
| schneider-electric | pacis_gtw_firmware | — | — |
| schneider-electric | pacis_gtw_firmware | — | — |
| schneider-electric | pacis_gtw_firmware | — | — |
| schneider-electric | saitel_dp_firmware | <= 11.06.21 | — |
| schneider-electric | saitel_dr_firmware | <= 11.06.12 | — |
| schneider-electric | scd2200_firmware | <= 10024 | — |
| xylem | multismart_firmware | < 3.2.0 | 3.2.0 |