CVE-2020-25176

Rockwell Automation ISaGRAF5 Runtime Relative Path Traversal

CVSS 9.1 CRITICALEPSS 6.1%CWE-23

Some commands used by the Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x eXchange Layer (IXL) protocol perform various file operations in the file system. Since the parameter pointing to the file name is not checked for reserved characters, it is possible for a remote, unauthenticated attacker to traverse an application’s directory, which could lead to remote code execution.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Productos afectados

Rockwell Automation · ISaGRAF Runtime

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-159-04 https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1131699 https://www.cisa.gov/uscert/ics/advisories/icsa-20-280-01 https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-multismart-rockwell-isagraf.pdf