Security Advisory

CVE-2020-25184

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-03-18 18:00:32
Last updated 2025-04-16 17:59:21
Assigner icscert
State PUBLISHED

Description

Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x stores the password in plaintext in a file that is in the same directory as the executable file. ISaGRAF Runtime reads the file and saves the data in a variable without any additional modification. A local, unauthenticated attacker could compromise the user passwords, resulting in information disclosure.