CRITICAL🇵🇱 Wersja polska

CVE-2020-25176

CVSS 9.1v3.1pub. 2022-03-18upd. 2024-11-21

Some commands used by the Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x eXchange Layer (IXL) protocol perform various file operations in the file system. Since the parameter pointing to the file name is not checked for reserved characters, it is possible for a remote, unauthenticated attacker to traverse an application’s directory, which could lead to remote code execution.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
  • Rockwellautomation Aadvance Controller

    APP
    Rockwellautomation
    ≤ 1.40
  • Rockwellautomation Isagraf Free Runtime

    APP
    Rockwellautomation
    ≤ 6.6.8
  • Rockwellautomation Isagraf Runtime

    APP
    Rockwellautomation
    5.0 – 6.0 (bez)
  • Rockwellautomation Micro810

    HW
    Rockwellautomation
    wszystkie wersje
  • Rockwellautomation Micro810 Firmware

    OS
    Rockwellautomation
    wszystkie wersje
  • Rockwellautomation Micro820

    HW
    Rockwellautomation
    wszystkie wersje
  • Rockwellautomation Micro820 Firmware

    OS
    Rockwellautomation
    wszystkie wersje
  • Rockwellautomation Micro830

    HW
    Rockwellautomation
    wszystkie wersje
  • Rockwellautomation Micro830 Firmware

    OS
    Rockwellautomation
    wszystkie wersje
  • Rockwellautomation Micro850

    HW
    Rockwellautomation
    wszystkie wersje
  • Rockwellautomation Micro850 Firmware

    OS
    Rockwellautomation
    wszystkie wersje
  • Rockwellautomation Micro870

    HW
    Rockwellautomation
    wszystkie wersje
  • Rockwellautomation Micro870 Firmware

    OS
    Rockwellautomation
    wszystkie wersje
  • Schneider Electric Cp 3

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Easergy C5

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Easergy C5 Firmware

    OS
    Schneider-Electric
    < 1.1.0
  • Schneider Electric Easergy T300

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Easergy T300 Firmware

    OS
    Schneider-Electric
    ≤ 2.7.1
  • Schneider Electric Epas Gtw

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Epas Gtw Firmware

    OS
    Schneider-Electric
    6.4
  • Schneider Electric Mc 31

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Micom C264

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Micom C264 Firmware

    OS
    Schneider-Electric
    < d6.1
  • Schneider Electric Pacis Gtw

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Pacis Gtw Firmware

    OS
    Schneider-Electric
    5.15.26.16.3
  • Schneider Electric Saitel Dp

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Saitel Dp Firmware

    OS
    Schneider-Electric
    ≤ 11.06.21
  • Schneider Electric Saitel Dr

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Saitel Dr Firmware

    OS
    Schneider-Electric
    ≤ 11.06.12
  • Schneider Electric Scd2200 Firmware

    OS
    Schneider-Electric
    ≤ 10024
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEAuth BypassPath Traversal
CWE
References

Related vulnerabilities

CVE-2020-28215CRITICAL9.8ten sam produkt

A CWE-862: Missing Authorization vulnerability exists in Easergy T300 (firmware 2.7 and older), that could cau...

CVE-2020-7561CRITICAL9.8ten sam produkt

A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T300 (with firmware 2....

CVE-2020-7508CRITICAL9.8ten sam produkt

A CWE-307 Improper Restriction of Excessive Authentication Attempts vulnerability exists in Easergy T300 (Firm...

CVE-2020-7512CRITICAL9.8ten sam produkt

A CWE-1103: Use of Platform-Dependent Third Party Components with vulnerabilities vulnerability exists in Ease...

CVE-2020-25184HIGH7.8ten sam produkt

Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x stores the password in plaintext in a file that is in...