VAR-202106-1997
Vulnerability from variot - Updated: 2023-12-18 10:50Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x includes the functionality of setting a password that is required to execute privileged commands. The password value passed to ISaGRAF Runtime is the result of encryption performed with a fixed key value using the tiny encryption algorithm (TEA) on an entered or saved password. A remote, unauthenticated attacker could pass their own encrypted password to the ISaGRAF 5 Runtime, which may result in information disclosure on the device. Rockwell Automation Provided by the company ISaGRAF5 Runtime The following multiple vulnerabilities exist in. * Relative path traversal (CWE-23) - CVE-2020-25176 ‥ * Plaintext storage of credentials (CWE-256) - CVE-2020-25184 ‥ * Sending important information in clear text (CWE-319) - CVE-2020-25178 ‥ * DLL File search path is not properly controlled (CWE-427) - CVE-2020-25182 ‥ * Use of hard-coded encryption key (CWE-321) - CVE-2020-25180The expected impact depends on each vulnerability, but it may be affected as follows. * Arbitrary code executed by a remote third party - CVE-2020-25176 ‥ * Passwords and information stolen by local users - CVE-2020-25184 ‥ * Files are uploaded, read and deleted by a remote third party - CVE-2020-25178 ‥ * ISaGRAF Runtime But Microsoft Windows Any code executed by a local third party when running on - CVE-2020-25182 ‥ * Information stolen by a remote third party - CVE-2020-25180. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Rockwell Automation ISaGRAF is an automation software technology developed by Rockwell Automation in the United States for creating integrated automation solutions. It is designed to be scalable and portable, suitable for developing small controllers and large distributed automation systems
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202106-1997",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "isagraf free runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "6.6.8"
},
{
"model": "aadvance controller",
"scope": "lte",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "1.40"
},
{
"model": "micro820",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": null
},
{
"model": "scd2200",
"scope": "lte",
"trust": 1.0,
"vendor": "schneider electric",
"version": "10024"
},
{
"model": "isagraf runtime",
"scope": "lt",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "6.0"
},
{
"model": "micro850",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": null
},
{
"model": "pacis gtw",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "5.2"
},
{
"model": "easergy t300",
"scope": "lte",
"trust": 1.0,
"vendor": "schneider electric",
"version": "2.7.1"
},
{
"model": "isagraf runtime",
"scope": "gte",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "5.0"
},
{
"model": "micro830",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": null
},
{
"model": "easergy c5",
"scope": "lt",
"trust": 1.0,
"vendor": "schneider electric",
"version": "1.1.0"
},
{
"model": "pacis gtw",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "6.1"
},
{
"model": "micro810",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": null
},
{
"model": "saitel dr",
"scope": "lte",
"trust": 1.0,
"vendor": "schneider electric",
"version": "11.06.12"
},
{
"model": "pacis gtw",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "6.3"
},
{
"model": "micro870",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": null
},
{
"model": "pacis gtw",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "5.1"
},
{
"model": "saitel dp",
"scope": "lte",
"trust": 1.0,
"vendor": "schneider electric",
"version": "11.06.21"
},
{
"model": "epas gtw",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "6.4"
},
{
"model": "multismart",
"scope": "lt",
"trust": 1.0,
"vendor": "xylem",
"version": "3.2.0"
},
{
"model": "micom c264",
"scope": "lt",
"trust": 1.0,
"vendor": "schneider electric",
"version": "d6.1"
},
{
"model": "multismart gen-1",
"scope": null,
"trust": 0.8,
"vendor": "xylem",
"version": null
},
{
"model": "alspa s6 mfc3000",
"scope": null,
"trust": 0.8,
"vendor": "ge steam power",
"version": null
},
{
"model": "aadvance controller",
"scope": null,
"trust": 0.8,
"vendor": "rockwell automation",
"version": null
},
{
"model": "micro800",
"scope": null,
"trust": 0.8,
"vendor": "rockwell automation",
"version": null
},
{
"model": "alspa s6 mfc1000",
"scope": null,
"trust": 0.8,
"vendor": "ge steam power",
"version": null
},
{
"model": "multismart gen-2",
"scope": null,
"trust": 0.8,
"vendor": "xylem",
"version": null
},
{
"model": "isagraf free runtime",
"scope": null,
"trust": 0.8,
"vendor": "rockwell automation",
"version": null
},
{
"model": "isagraf runtime",
"scope": null,
"trust": 0.8,
"vendor": "rockwell automation",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-001882"
},
{
"db": "NVD",
"id": "CVE-2020-25180"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:easergy_t300_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.7.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:easergy_t300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:easergy_c5_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:easergy_c5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:micom_c264_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "d6.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:micom_c264:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:pacis_gtw_firmware:5.1:*:*:*:*:windows:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:pacis_gtw_firmware:5.2:*:*:*:*:windows:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:pacis_gtw_firmware:6.1:*:*:*:*:windows:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:pacis_gtw_firmware:6.3:*:*:*:*:linux:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:pacis_gtw_firmware:6.3:*:*:*:*:windows:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:pacis_gtw:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:saitel_dp_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.06.21",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:saitel_dp:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:epas_gtw_firmware:6.4:*:*:*:*:linux:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:epas_gtw_firmware:6.4:*:*:*:*:windows:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:epas_gtw:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:saitel_dr_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.06.12",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:saitel_dr:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:scd2200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10024",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:cp-3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:mc-31:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:rockwellautomation:aadvance_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.40",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rockwellautomation:isagraf_free_runtime:*:*:*:*:*:isagraf6_workbench:*:*",
"cpe_name": [],
"versionEndIncluding": "6.6.8",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rockwellautomation:isagraf_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.0",
"versionStartIncluding": "5.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:rockwellautomation:micro810_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:rockwellautomation:micro810:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:rockwellautomation:micro820_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:rockwellautomation:micro820:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:rockwellautomation:micro830_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:rockwellautomation:micro830:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:rockwellautomation:micro850_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:rockwellautomation:micro850:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:rockwellautomation:micro870_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:rockwellautomation:micro870:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:xylem:multismart_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.2.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-25180"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Kaspersky reported these vulnerabilities to Rockwell Automation.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202106-529"
}
],
"trust": 0.6
},
"cve": "CVE-2020-25180",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-179133",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "ics-cert@hq.dhs.gov",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "IPA",
"availabilityImpact": "None",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2021-001882",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N \t",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-25180",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "ics-cert@hq.dhs.gov",
"id": "CVE-2020-25180",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "IPA",
"id": "JVNDB-2021-001882",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202106-529",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-179133",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-179133"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001882"
},
{
"db": "NVD",
"id": "CVE-2020-25180"
},
{
"db": "NVD",
"id": "CVE-2020-25180"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-529"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x includes the functionality of setting a password that is required to execute privileged commands. The password value passed to ISaGRAF Runtime is the result of encryption performed with a fixed key value using the tiny encryption algorithm (TEA) on an entered or saved password. A remote, unauthenticated attacker could pass their own encrypted password to the ISaGRAF 5 Runtime, which may result in information disclosure on the device. Rockwell Automation Provided by the company ISaGRAF5 Runtime The following multiple vulnerabilities exist in. * Relative path traversal (CWE-23) - CVE-2020-25176 \u2025 * Plaintext storage of credentials (CWE-256) - CVE-2020-25184 \u2025 * Sending important information in clear text (CWE-319) - CVE-2020-25178 \u2025 * DLL File search path is not properly controlled (CWE-427) - CVE-2020-25182 \u2025 * Use of hard-coded encryption key (CWE-321) - CVE-2020-25180The expected impact depends on each vulnerability, but it may be affected as follows. * Arbitrary code executed by a remote third party - CVE-2020-25176 \u2025 * Passwords and information stolen by local users - CVE-2020-25184 \u2025 * Files are uploaded, read and deleted by a remote third party - CVE-2020-25178 \u2025 * ISaGRAF Runtime But Microsoft Windows Any code executed by a local third party when running on - CVE-2020-25182 \u2025 * Information stolen by a remote third party - CVE-2020-25180. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Rockwell Automation ISaGRAF is an automation software technology developed by Rockwell Automation in the United States for creating integrated automation solutions. It is designed to be scalable and portable, suitable for developing small controllers and large distributed automation systems",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-25180"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001882"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "VULHUB",
"id": "VHN-179133"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-25180",
"trust": 2.5
},
{
"db": "ICS CERT",
"id": "ICSA-20-280-01",
"trust": 2.5
},
{
"db": "SCHNEIDER",
"id": "SEVD-2021-159-04",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVNVU90811375",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001882",
"trust": 0.8
},
{
"db": "CS-HELP",
"id": "SB2021041363",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021120106",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021060920",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2163",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202106-529",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-179133",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-179133"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001882"
},
{
"db": "NVD",
"id": "CVE-2020-25180"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-529"
}
]
},
"id": "VAR-202106-1997",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-179133"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T10:50:16.588000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Xylem\u00a0Product\u00a0Security\u00a0Advisory",
"trust": 0.8,
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1131699"
},
{
"title": "Rockwell Automation ISaGRAF Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=153709"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-001882"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-529"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.1
},
{
"problemtype": "Relative path traversal (CWE-23) [IPA Evaluation ]",
"trust": 0.8
},
{
"problemtype": " Plaintext storage of credentials (CWE-256) [IPA Evaluation ]",
"trust": 0.8
},
{
"problemtype": " Sending important information in clear text (CWE-319) [IPA Evaluation ]",
"trust": 0.8
},
{
"problemtype": " Use of hard-coded encryption key (CWE-321) [IPA Evaluation ]",
"trust": 0.8
},
{
"problemtype": " Uncontrolled search path elements (CWE-427) [IPA Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-179133"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001882"
},
{
"db": "NVD",
"id": "CVE-2020-25180"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://download.schneider-electric.com/files?p_doc_ref=sevd-2021-159-04"
},
{
"trust": 1.7,
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1131699"
},
{
"trust": 1.7,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-20-280-01"
},
{
"trust": 1.7,
"url": "https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-multismart-rockwell-isagraf.pdf"
},
{
"trust": 1.4,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-280-01"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu90811375"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2163"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021060920"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2020-25180/"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021120106"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-179133"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001882"
},
{
"db": "NVD",
"id": "CVE-2020-25180"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-529"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-179133"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001882"
},
{
"db": "NVD",
"id": "CVE-2020-25180"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-529"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-03-18T00:00:00",
"db": "VULHUB",
"id": "VHN-179133"
},
{
"date": "2021-06-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-001882"
},
{
"date": "2022-03-18T18:15:09.187000",
"db": "NVD",
"id": "CVE-2020-25180"
},
{
"date": "2021-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2021-06-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202106-529"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-04-04T00:00:00",
"db": "VULHUB",
"id": "VHN-179133"
},
{
"date": "2021-06-21T08:28:00",
"db": "JVNDB",
"id": "JVNDB-2021-001882"
},
{
"date": "2022-04-04T20:59:49.830000",
"db": "NVD",
"id": "CVE-2020-25180"
},
{
"date": "2021-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2022-04-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202106-529"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202106-529"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Rockwell\u00a0Automation\u00a0 Made \u00a0ISaGRAF5\u00a0Runtime\u00a0 Multiple vulnerabilities in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-001882"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…