Vulnerability Details CVE-2020-25180
Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x include the functionality of setting a password that is required to execute privileged commands. The password value passed to ISaGRAF Runtime is the result of encryption performed with a fixed key value using the Tiny Encryption Algorithm (TEA) on an entered or saved password. A remote, unauthenticated attacker could pass their own encrypted password to the ISaGRAF 5 Runtime, which may result in information disclosure on the device.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.7%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 4.3
Products affected by CVE-2020-25180
- cpe:2.3:a:rockwellautomation:aadvance_controller:*
- cpe:2.3:a:rockwellautomation:isagraf_free_runtime:*
- cpe:2.3:a:rockwellautomation:isagraf_runtime:*
- cpe:2.3:h:rockwellautomation:micro810:-
- cpe:2.3:h:rockwellautomation:micro820:-
- cpe:2.3:h:rockwellautomation:micro830:-
- cpe:2.3:h:rockwellautomation:micro850:-
- cpe:2.3:h:rockwellautomation:micro870:-
- cpe:2.3:h:schneider-electric:cp-3:-
- cpe:2.3:h:schneider-electric:easergy_c5:-
- cpe:2.3:h:schneider-electric:easergy_t300:-
- cpe:2.3:h:schneider-electric:epas_gtw:-
- cpe:2.3:h:schneider-electric:mc-31:-
- cpe:2.3:h:schneider-electric:micom_c264:-
- cpe:2.3:h:schneider-electric:pacis_gtw:-
- cpe:2.3:h:schneider-electric:saitel_dp:-
- cpe:2.3:h:schneider-electric:saitel_dr:-
- cpe:2.3:o:rockwellautomation:micro810_firmware:-
- cpe:2.3:o:rockwellautomation:micro820_firmware:-
- cpe:2.3:o:rockwellautomation:micro830_firmware:-
- cpe:2.3:o:rockwellautomation:micro850_firmware:-
- cpe:2.3:o:rockwellautomation:micro870_firmware:-
- cpe:2.3:o:schneider-electric:easergy_c5_firmware:*
- cpe:2.3:o:schneider-electric:easergy_t300_firmware:-
- cpe:2.3:o:schneider-electric:easergy_t300_firmware:1.5.2
- cpe:2.3:o:schneider-electric:easergy_t300_firmware:2.7
- cpe:2.3:o:schneider-electric:easergy_t300_firmware:2.7.1
- cpe:2.3:o:schneider-electric:epas_gtw_firmware:6.4
- cpe:2.3:o:schneider-electric:micom_c264_firmware:*
- cpe:2.3:o:schneider-electric:pacis_gtw_firmware:5.1
- cpe:2.3:o:schneider-electric:pacis_gtw_firmware:5.2
- cpe:2.3:o:schneider-electric:pacis_gtw_firmware:6.1
- cpe:2.3:o:schneider-electric:pacis_gtw_firmware:6.3
- cpe:2.3:o:schneider-electric:saitel_dp_firmware:*
- cpe:2.3:o:schneider-electric:saitel_dr_firmware:*
- cpe:2.3:o:schneider-electric:scd2200_firmware:*
- cpe:2.3:o:xylem:multismart_firmware:*