CVE-2020-25182
18.03.2022, 18:15
Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x searches for and loads DLLs as dynamic libraries. Uncontrolled loading of dynamic libraries could allow a local, unauthenticated attacker to execute arbitrary code. This vulnerability only affects ISaGRAF Runtime when running on Microsoft Windows systems.Enginsight
| Vendor | Product | Version |
|---|---|---|
| schneider-electric | easergy_t300_firmware | 𝑥 ≤ 2.7.1 |
| schneider-electric | easergy_c5_firmware | 𝑥 < 1.1.0 |
| schneider-electric | pacis_gtw_firmware | 5.1 |
| schneider-electric | pacis_gtw_firmware | 5.2 |
| schneider-electric | pacis_gtw_firmware | 6.1 |
| schneider-electric | pacis_gtw_firmware | 6.3 |
| schneider-electric | pacis_gtw_firmware | 6.3 |
| schneider-electric | saitel_dp_firmware | 𝑥 ≤ 11.06.21 |
| schneider-electric | epas_gtw_firmware | 6.4 |
| schneider-electric | epas_gtw_firmware | 6.4 |
| schneider-electric | saitel_dr_firmware | 𝑥 ≤ 11.06.12 |
| schneider-electric | scd2200_firmware | 𝑥 ≤ 10024 |
| rockwellautomation | aadvance_controller | 𝑥 ≤ 1.40 |
| rockwellautomation | isagraf_free_runtime | 𝑥 ≤ 6.6.8 |
| rockwellautomation | micro810_firmware | - |
| rockwellautomation | micro820_firmware | - |
| rockwellautomation | micro830_firmware | - |
| rockwellautomation | micro850_firmware | - |
| rockwellautomation | micro870_firmware | - |
| xylem | multismart_firmware | 𝑥 < 3.2.0 |
| rockwellautomation | isagraf_runtime | 5.0 ≤ 𝑥 < 6.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References