The DeskLock tool provided with FactoryTalk View SE uses a weak encryption algorithm that may allow a local, authenticated attacker to decipher user credentials, including the Windows user or Windows DeskLock passwords. If the compromised user has an administrative account, an attacker could gain full access to the user’s operating system and certain components of FactoryTalk View SE.
References
Link | Resource |
---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-20-177-03 | Mitigation Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2020-06-25T00:00:00
Updated: 2022-02-24T18:27:13
Reserved: 2020-06-19T00:00:00
Link: CVE-2020-14481
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-02-24T19:15:08.853
Modified: 2022-03-04T18:28:11.570
Link: CVE-2020-14481
JSON object: View
Redhat Information
No data.