CVE-2020-14481 - OpenCVE

The DeskLock tool provided with FactoryTalk View SE uses a weak encryption algorithm that may allow a local, authenticated attacker to decipher user credentials, including the Windows user or Windows DeskLock passwords. If the compromised user has an administrative account, an attacker could gain full access to the user’s operating system and certain components of FactoryTalk View SE.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:L/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Rockwellautomation	Factorytalk View

Configuration 1 [-]

OR	cpe:2.3:a:rockwellautomation:factorytalk_view:::::se:::*
	cpe:2.3:a:rockwellautomation:factorytalk_view:10.0::::se:::

References

Link	Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-20-177-03	Mitigation Third Party Advisory US Government Resource

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: icscert

Published: 2020-06-25T00:00:00

Updated: 2022-02-24T18:27:13

Reserved: 2020-06-19T00:00:00

Link: CVE-2020-14481

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-02-24T19:15:08.853

Modified: 2022-03-04T18:28:11.570

Link: CVE-2020-14481

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "FactoryTalk View SE", "vendor": "Rockwell Automation", "versions": [{"lessThanOrEqual": "9.0", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"status": "affected", "version": "10.0"}]}], "datePublic": "2020-06-25T00:00:00", "descriptions": [{"lang": "en", "value": "The DeskLock tool provided with FactoryTalk View SE uses a weak encryption algorithm that may allow a local, authenticated attacker to decipher user credentials, including the Windows user or Windows DeskLock passwords. If the compromised user has an administrative account, an attacker could gain full access to the user\u2019s operating system and certain components of FactoryTalk View SE."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-261", "description": "CWE-261 Weak Cryptography for Passwords", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-02-24T18:27:13", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-20-177-03"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "DATE_PUBLIC": "2020-06-25T16:00:00.000Z", "ID": "CVE-2020-14481", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "FactoryTalk View SE", "version": {"version_data": [{"version_affected": "<=", "version_value": "9.0"}, {"version_affected": "=", "version_value": "10.0"}]}}]}, "vendor_name": "Rockwell Automation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The DeskLock tool provided with FactoryTalk View SE uses a weak encryption algorithm that may allow a local, authenticated attacker to decipher user credentials, including the Windows user or Windows DeskLock passwords. If the compromised user has an administrative account, an attacker could gain full access to the user\u2019s operating system and certain components of FactoryTalk View SE."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-261 Weak Cryptography for Passwords"}]}]}, "references": {"reference_data": [{"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-20-177-03", "refsource": "MISC", "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-20-177-03"}]}, "source": {"discovery": "UNKNOWN"}}}}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2020-14481", "datePublished": "2020-06-25T00:00:00", "dateReserved": "2020-06-19T00:00:00", "dateUpdated": "2022-02-24T18:27:13", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:rockwellautomation:factorytalk_view:*:*:*:*:se:*:*:*", "matchCriteriaId": "CFDFC2EF-3BD1-43A7-8891-B5282CED71EF", "versionEndIncluding": "9.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:rockwellautomation:factorytalk_view:10.0:*:*:*:se:*:*:*", "matchCriteriaId": "B2D57C54-FAF6-494A-8B44-AC113392606C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The DeskLock tool provided with FactoryTalk View SE uses a weak encryption algorithm that may allow a local, authenticated attacker to decipher user credentials, including the Windows user or Windows DeskLock passwords. If the compromised user has an administrative account, an attacker could gain full access to the user\u2019s operating system and certain components of FactoryTalk View SE."}, {"lang": "es", "value": "La herramienta DeskLock proporcionada con FactoryTalk View SE usa un algoritmo de cifrado d\u00e9bil que puede permitir a un atacante local y autenticado descifrar las credenciales de usuario, incluyendo el usuario de Windows o las contrase\u00f1as de Windows DeskLock. Si el usuario comprometido presenta una cuenta administrativa, un atacante podr\u00eda conseguir acceso completo al sistema operativo del usuario y a determinados componentes de FactoryTalk View SE"}], "id": "CVE-2020-14481", "lastModified": "2022-03-04T18:28:11.570", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-02-24T19:15:08.853", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Mitigation", "Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-20-177-03"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-326"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-261"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}