CVE-2020-25176

Sažetak

Some commands used by the Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x eXchange Layer (IXL) protocol perform various file operations in the file system. Since the parameter pointing to the file name is not checked for reserved characters, it is possible for a remote, unauthenticated attacker to traverse an application’s directory, which could lead to remote code execution.

Reference

https://www.cisa.gov/uscert/ics/advisories/icsa-20-280-01
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-159-04
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1131699
https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-multismart-rockwell-isagraf.pdf

CVSS

Base:	9.3
Impact:	10.0
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

04-04-2022 - 20:56

Objavljeno

18-03-2022 - 18:15