CVE-2020-25178

ISaGRAF Workbench communicates with Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x using TCP/IP. This communication protocol provides various file system operations, as well as the uploading of applications. Data is transferred over this protocol unencrypted, which could allow a remote unauthenticated attacker to upload, read, and delete files.

Weakness

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

Affected Software

Potential Mitigations

Related Attack Patterns

• https://cwe.mitre.org/data/definitions/102.html
• https://cwe.mitre.org/data/definitions/117.html
• https://cwe.mitre.org/data/definitions/383.html
• https://cwe.mitre.org/data/definitions/477.html
• https://cwe.mitre.org/data/definitions/65.html

References

• https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-159-04
• https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1131699
• https://www.cisa.gov/uscert/ics/advisories/icsa-20-280-01
• https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-multismart-rockwell-isagraf.pdf
• https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-159-04
• https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1131699
• https://www.cisa.gov/uscert/ics/advisories/icsa-20-280-01
• https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-multismart-rockwell-isagraf.pdf