Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2020-25176

🗓️ 18 Mar 2022 18:00:31Reported by icscertType 
cve
 cve🔗 web.nvd.nist.gov👁 80 Views

Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x eXchange Layer (IXL) protocol allows remote code execution

Related
Detection
Affected
Refs
ReporterTitlePublishedViews
Family
Circl		CVE-2020-25176
10 Mar 202604:00
circl
CNNVD		Rockwell Automation ISaGRAF 路径遍历漏洞
8 Jun 202100:00
cnnvd
Cvelist		CVE-2020-25176 Rockwell Automation ISaGRAF5 Runtime Relative Path Traversal
18 Mar 202218:00
cvelist
EUVD		EUVD-2020-17867
7 Oct 202500:30
euvd
ICS		Rockwell Automation ISaGRAF5 Runtime (Update A)
6 Oct 202000:00
ics
NVD		CVE-2020-25176
18 Mar 202218:15
nvd
OSV		CVE-2020-25176
18 Mar 202218:15
osv
Prion		Remote code execution
18 Mar 202218:15
prion
Positive Technologies		PT-2021-7842 · Rockwell Automation · Isagraf Runtime
8 Jun 202100:00
ptsecurity
RedhatCVE		CVE-2020-25176
5 Feb 202516:53
redhatcve
Rows per page
NVD
Vulners
Node
schneider-electriceasergy_t300_firmwareRange2.7.1
AND
schneider-electriceasergy_t300Match-
Node
schneider-electriceasergy_c5_firmwareRange<1.1.0
AND
schneider-electriceasergy_c5Match-
Node
schneider-electricmicom_c264_firmwareRange<d6.1
AND
schneider-electricmicom_c264Match-
Node
schneider-electricpacis_gtw_firmwareMatch5.1windows
OR
schneider-electricpacis_gtw_firmwareMatch5.2windows
OR
schneider-electricpacis_gtw_firmwareMatch6.1windows
OR
schneider-electricpacis_gtw_firmwareMatch6.3linux
OR
schneider-electricpacis_gtw_firmwareMatch6.3windows
AND
schneider-electricpacis_gtwMatch-
Node
schneider-electricsaitel_dp_firmwareRange11.06.21
AND
schneider-electricsaitel_dpMatch-
Node
schneider-electricepas_gtw_firmwareMatch6.4linux
OR
schneider-electricepas_gtw_firmwareMatch6.4windows
AND
schneider-electricepas_gtwMatch-
Node
schneider-electricsaitel_dr_firmwareRange11.06.12
AND
schneider-electricsaitel_drMatch-
Node
schneider-electricscd2200_firmwareRange10024
AND
schneider-electriccp-3Match-
OR
schneider-electricmc-31Match-
Node
rockwellautomationaadvance_controllerRange1.40
OR
rockwellautomationisagraf_free_runtimeRange6.6.8isagraf6_workbench
OR
rockwellautomationisagraf_runtimeRange5.06.0
Node
rockwellautomationmicro810_firmwareMatch-
AND
rockwellautomationmicro810Match-
Node
rockwellautomationmicro820_firmwareMatch-
AND
rockwellautomationmicro820Match-
Node
rockwellautomationmicro830_firmwareMatch-
AND
rockwellautomationmicro830Match-
Node
rockwellautomationmicro850_firmwareMatch-
AND
rockwellautomationmicro850Match-
Node
rockwellautomationmicro870_firmwareMatch-
AND
rockwellautomationmicro870Match-
Node
xylemmultismart_firmwareRange<3.2.0
[
  {
    "product": "ISaGRAF Runtime",
    "vendor": "Rockwell Automation",
    "versions": [
      {
        "status": "affected",
        "version": "4.x"
      },
      {
        "status": "affected",
        "version": "5.x"
      }
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
21 Nov 2024 05:17Current
9.9High risk
Vulners AI Score9.9
CVSS 29.3
CVSS 3.19.1 - 9.8
EPSS0.03509
SSVC
CWE-23CWE-22
cve-2020-25176rockwell automationisagraf runtimeixl protocolremote code executionnvdsecurity vulnerability
80