CVE-2020-25180

Summary

CVE	CVE-2020-25180
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2022-03-18 18:15:00 UTC
Updated	2022-04-04 20:59:00 UTC
Description	Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x includes the functionality of setting a password that is required to execute privileged commands. The password value passed to ISaGRAF Runtime is the result of encryption performed with a fixed key value using the tiny encryption algorithm (TEA) on an entered or saved password. A remote, unauthenticated attacker could pass their own encrypted password to the ISaGRAF 5 Runtime, which may result in information disclosure on the device.

Risk And Classification

Problem Types: CWE-798

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Rockwellautomation	Aadvance Controller	All	All	All	All
Application	Rockwellautomation	Isagraf Free Runtime	All	All	All	All
Application	Rockwellautomation	Isagraf Runtime	All	All	All	All
Hardware	Rockwellautomation	Micro810	-	All	All	All
Operating System	Rockwellautomation	Micro810 Firmware	-	All	All	All
Hardware	Rockwellautomation	Micro820	-	All	All	All
Operating System	Rockwellautomation	Micro820 Firmware	-	All	All	All
Hardware	Rockwellautomation	Micro830	-	All	All	All
Operating System	Rockwellautomation	Micro830 Firmware	-	All	All	All
Hardware	Rockwellautomation	Micro850	-	All	All	All
Operating System	Rockwellautomation	Micro850 Firmware	-	All	All	All
Hardware	Rockwellautomation	Micro870	-	All	All	All
Operating System	Rockwellautomation	Micro870 Firmware	-	All	All	All
Hardware	Schneider-electric	Cp-3	-	All	All	All
Hardware	Schneider-electric	Easergy C5	-	All	All	All
Operating System	Schneider-electric	Easergy C5 Firmware	All	All	All	All
Hardware	Schneider-electric	Easergy T300	-	All	All	All
Operating System	Schneider-electric	Easergy T300 Firmware	All	All	All	All
Hardware	Schneider-electric	Epas Gtw	-	All	All	All
Operating System	Schneider-electric	Epas Gtw Firmware	6.4	All	All	All
Operating System	Schneider-electric	Epas Gtw Firmware	6.4	All	All	All
Hardware	Schneider-electric	Mc-31	-	All	All	All
Hardware	Schneider-electric	Micom C264	-	All	All	All
Operating System	Schneider-electric	Micom C264 Firmware	All	All	All	All
Hardware	Schneider-electric	Pacis Gtw	-	All	All	All
Operating System	Schneider-electric	Pacis Gtw Firmware	5.1	All	All	All
Operating System	Schneider-electric	Pacis Gtw Firmware	5.2	All	All	All
Operating System	Schneider-electric	Pacis Gtw Firmware	6.1	All	All	All
Operating System	Schneider-electric	Pacis Gtw Firmware	6.3	All	All	All
Operating System	Schneider-electric	Pacis Gtw Firmware	6.3	All	All	All
Hardware	Schneider-electric	Saitel Dp	-	All	All	All
Operating System	Schneider-electric	Saitel Dp Firmware	All	All	All	All
Hardware	Schneider-electric	Saitel Dr	-	All	All	All
Operating System	Schneider-electric	Saitel Dr Firmware	All	All	All	All
Operating System	Schneider-electric	Scd2200 Firmware	All	All	All	All
Operating System	Xylem	Multismart Firmware	All	All	All	All

References

Reference	Source	Link	Tags
www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-multism...	CONFIRM	www.xylem.com
download.schneider-electric.com/files	CONFIRM	download.schneider-electric.com
Rockwell Automation ISaGRAF5 Runtime (Update A) \| CISA	CONFIRM	www.cisa.gov
Sign In	CONFIRM	rockwellautomation.custhelp.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

Vendor Comments And Credit

Discovery Credit

LEGACY: Kaspersky reported these vulnerabilities to Rockwell Automation.

Legacy QID Mappings

590729 Rockwell Automation ISaGRAF5 Runtime Multiple Vulnerabilities (ICSA-20-280-01)
590781 Rockwell Automation AADvance Controller and Micro800 family Multiple Vulnerabilities (ICSA-20-280-01)