Main Vulnerability Database Vulnerabilities #VU25992

Cleartext storage of sensitive information in Rockwell Automation products - CVE-2020-6980

Published: March 11, 2020

Vulnerability identifier: #VU25992

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2020-6980

CWE-ID: CWE-312

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Rockwell Automation

Affected software:
MicroLogix 1400 Controllers Series A
MicroLogix 1400 Controllers Series B
Allen-Bradley MicroLogix 1100
RSLogix 500 Software

Detailed vulnerability description

The vulnerability allows a local attacker to gain access to potentially sensitive information.

The vulnerability exists when Simple Mail Transfer Protocol (SMTP) account data is saved in RSLogix 500 due to sensitive information is written to the project file in cleartext. A local attacker with access to a victim’s project may be able to gather SMTP server authentication data.

How to mitigate CVE-2020-6980

Install updates from vendor's website.

Sources

https://ics-cert.us-cert.gov/advisories/icsa-20-070-06

Cleartext storage of sensitive information in Rockwell Automation products - CVE-2020-6980

Detailed vulnerability description

How to mitigate CVE-2020-6980

Sources

Please verify you're human