CVE-2020-25182
Rockwell Automation ISaGRAF5 Runtime Uncontrolled Search Path Element
Severity Score: 6.7 (CVSS v3.1)
Public Exploits: 0 (Multiple Sources)
Exploited in Wild: - (KEV)
Decision: - (SSVC)
Descriptions
Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x searches for and loads DLLs as dynamic libraries. Uncontrolled loading of dynamic libraries could allow a local, unauthenticated attacker to execute arbitrary code. This vulnerability only affects ISaGRAF Runtime when running on Microsoft Windows systems.
*Credits:
Kaspersky reported these vulnerabilities to Rockwell Automation.
Timeline
- 2020-09-04 CVE Reserved
- 2022-03-18 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
CWE
- CWE-427: Uncontrolled Search Path Element
References (3)
URL | Tag | Source |
---|---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-20-280-01 | Third Party Advisory |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | | Vendor | Product | Version | Other | Status |
---|---|---|---|---|---|---|---|---|---|---|
Schneider-electric | Easergy T300 Firmware | <= 2.7.1 | - | Affected | in | Schneider-electric | Easergy T300 | - | - | Safe |
Schneider-electric | Easergy C5 Firmware | < 1.1.0 | - | Affected | in | Schneider-electric | Easergy C5 | - | - | Safe |
Schneider-electric | Micom C264 Firmware | < d6.1 | - | Affected | in | Schneider-electric | Micom C264 | - | - | Safe |
Schneider-electric | Pacis Gtw Firmware | 5.1 | windows | Affected | in | Schneider-electric | Pacis Gtw | - | - | Safe |
Schneider-electric | Pacis Gtw Firmware | 5.2 | windows | Affected | in | Schneider-electric | Pacis Gtw | - | - | Safe |
Schneider-electric | Pacis Gtw Firmware | 6.1 | windows | Affected | in | Schneider-electric | Pacis Gtw | - | - | Safe |
Schneider-electric | Pacis Gtw Firmware | 6.3 | linux | Affected | in | Schneider-electric | Pacis Gtw | - | - | Safe |
Schneider-electric | Pacis Gtw Firmware | 6.3 | windows | Affected | in | Schneider-electric | Pacis Gtw | - | - | Safe |
Schneider-electric | Saitel Dp Firmware | <= 11.06.21 | - | Affected | in | Schneider-electric | Saitel Dp | - | - | Safe |
Schneider-electric | Epas Gtw Firmware | 6.4 | linux | Affected | in | Schneider-electric | Epas Gtw | - | - | Safe |
Schneider-electric | Epas Gtw Firmware | 6.4 | windows | Affected | in | Schneider-electric | Epas Gtw | - | - | Safe |
Schneider-electric | Saitel Dr Firmware | <= 11.06.12 | - | Affected | in | Schneider-electric | Saitel Dr | - | - | Safe |
Schneider-electric | Scd2200 Firmware | <= 10024 | - | Affected | in | Schneider-electric | Cp-3 | - | - | Safe |
Schneider-electric | Scd2200 Firmware | <= 10024 | - | Affected | in | Schneider-electric | Mc-31 | - | - | Safe |
Rockwellautomation | Micro810 Firmware | - | - | Affected | in | Rockwellautomation | Micro810 | - | - | Safe |
Rockwellautomation | Micro820 Firmware | - | - | Affected | in | Rockwellautomation | Micro820 | - | - | Safe |
Rockwellautomation | Micro830 Firmware | - | - | Affected | in | Rockwellautomation | Micro830 | - | - | Safe |
Rockwellautomation | Micro850 Firmware | - | - | Affected | in | Rockwellautomation | Micro850 | - | - | Safe |
Rockwellautomation | Micro870 Firmware | - | - | Affected | in | Rockwellautomation | Micro870 | - | - | Safe |
Rockwellautomation | Aadvance Controller | <= 1.40 | - | Affected | | | | | | |
Rockwellautomation | Isagraf Free Runtime | <= 6.6.8 | isagraf6_workbench | Affected | | | | | | |
Xylem | Multismart Firmware | < 3.2.0 | - | Affected | | | | | | |
Rockwellautomation | Isagraf Runtime | >= 5.0 < 6.0 | windows | Affected | | | | | | |