CVE-2020-25184
18.03.2022, 18:15
Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x store the password in plaintext in a file that is in the same directory as the executable file. ISaGRAF Runtime reads the file and saves the data in a variable without any additional modification. A local, unauthenticated attacker could compromise the user passwords, resulting in information disclosure.
Vendor | Product | Version |
---|---|---|
schneider-electric | easergy_t300_firmware | 𝑥 ≤ 2.7.1 |
schneider-electric | easergy_c5_firmware | 𝑥 < 1.1.0 |
schneider-electric | pacis_gtw_firmware | 5.1 |
schneider-electric | pacis_gtw_firmware | 5.2 |
schneider-electric | pacis_gtw_firmware | 6.1 |
schneider-electric | pacis_gtw_firmware | 6.3 |
schneider-electric | pacis_gtw_firmware | 6.3 |
schneider-electric | saitel_dp_firmware | 𝑥 ≤ 11.06.21 |
schneider-electric | epas_gtw_firmware | 6.4 |
schneider-electric | epas_gtw_firmware | 6.4 |
schneider-electric | saitel_dr_firmware | 𝑥 ≤ 11.06.12 |
schneider-electric | scd2200_firmware | 𝑥 ≤ 10024 |
rockwellautomation | aadvance_controller | 𝑥 ≤ 1.40 |
rockwellautomation | isagraf_free_runtime | 𝑥 ≤ 6.6.8 |
rockwellautomation | isagraf_runtime | 5.0 ≤ 𝑥 < 6.0 |
rockwellautomation | micro810_firmware | - |
rockwellautomation | micro820_firmware | - |
rockwellautomation | micro830_firmware | - |
rockwellautomation | micro850_firmware | - |
rockwellautomation | micro870_firmware | - |
xylem | multismart_firmware | 𝑥 < 3.2.0 |
𝑥 = Vulnerable software versions
Common Weakness Enumeration
- CWE-256 - Plaintext Storage of a Password: Storing a password in plaintext may result in a system compromise.
- CWE-522 - Insufficiently Protected Credentials: The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
References