VYPR
Unrated severityNVD Advisory· Published Mar 18, 2022· Updated Apr 16, 2025

Rockwell Automation ISaGRAF5 Runtime Cleartext Transmission of Sensitive Information

CVE-2020-25178

Description

ISaGRAF Workbench communicates with Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x using TCP/IP. This communication protocol provides various file system operations, as well as the uploading of applications. Data is transferred over this protocol unencrypted, which could allow a remote unauthenticated attacker to upload, read, and delete files.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.