Description
Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x includes the functionality of setting a password that is required to execute privileged commands. The password value passed to ISaGRAF Runtime is the result of encryption performed with a fixed key value using the tiny encryption algorithm (TEA) on an entered or saved password. A remote, unauthenticated attacker could pass their own encrypted password to the ISaGRAF 5 Runtime, which may result in information disclosure on the device.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Affected products
References
- VENDOR_ADVISORYhttps://www.cisa.gov/uscert/ics/advisories/icsa-20-280-01
- MISChttps://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1131699
- MISChttps://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-159-04
- VENDOR_ADVISORYhttps://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-multismart-rockwell-isagraf.pdf