CVE-2020-25184

moderate-risk
Published 2022-03-18

Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x stores the password in plaintext in a file that is in the same directory as the executable file. ISaGRAF Runtime reads the file and saves the data in a variable without any additional modification. A local, unauthenticated attacker could compromise the user passwords, resulting in information disclosure.

Do I need to act?

EPSS score: 0.03% chance of exploitation (low exploit probability)
CISA KEV: Not on CISA KEV list (no confirmed active exploitation reported to CISA)
Patch status: unknown (check vendor advisories for fix availability and mitigation guidance)
CVSS: 7.8/10 High (LOCAL / LOW complexity)

Affected Products (20)

Easergy C5 Firmware
Micom C264 Firmware
Pacis Gtw Firmware
Pacis Gtw Firmware
Pacis Gtw Firmware
Pacis Gtw Firmware
Pacis Gtw Firmware
Saitel Dp Firmware
Epas Gtw Firmware
Epas Gtw Firmware
Saitel Dr Firmware
Scd2200 Firmware
Aadvance Controller
Isagraf Free Runtime
Isagraf Runtime
Micro810 Firmware
Micro820 Firmware
Micro830 Firmware
Micro850 Firmware
44 / 100 · moderate-risk
Severity 24/34 · High
Exploitability 0/34 · Minimal
Exposure 20/34 · Moderate