Some commands used by the Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x eXchange Layer (IXL) protocol perform various file operations in the file system. Since the parameter pointing to the file name is not checked for reserved characters, it is possible for a remote, unauthenticated attacker to traverse an application’s directory, which could lead to remote code execution.
References
Link | Resource |
---|---|
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-159-04 | Mitigation Vendor Advisory |
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1131699 | Permissions Required |
https://www.cisa.gov/uscert/ics/advisories/icsa-20-280-01 | Third Party Advisory US Government Resource |
https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-multismart-rockwell-isagraf.pdf | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2022-03-18T18:00:31
Updated: 2022-03-18T18:00:31
Reserved: 2020-09-04T00:00:00
Link: CVE-2020-25176
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-03-18T18:15:09.060
Modified: 2022-04-04T20:56:17.697
Link: CVE-2020-25176
JSON object: View
Redhat Information
No data.