First published: Thu Feb 24 2022(Updated: )
Due to usernames/passwords being stored in plaintext in Random Access Memory (RAM), a local, authenticated attacker could gain access to certain credentials, including Windows Logon credentials.
Credit: ics-cert@hq.dhs.gov
Affected Software | Affected Version | How to fix |
---|---|---|
Rockwellautomation Factorytalk View | <=9.0 | |
Rockwellautomation Factorytalk View | =10.0 | |
Rockwell Automation FactoryTalk View SE Versions 9.0 and earlier | ||
Rockwell Automation FactoryTalk View SE Version 10.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-14480 is a vulnerability that allows a local, authenticated attacker to access certain credentials, including Windows Logon credentials, due to usernames/passwords being stored in plaintext in Random Access Memory (RAM).
CVE-2020-14480 has a severity rating of medium, with a severity value of 5.5 out of 10.
Rockwellautomation Factorytalk View versions 9.0 and 10.0 are affected by CVE-2020-14480.
An attacker with local, authenticated access can exploit CVE-2020-14480 by gaining access to certain credentials stored in plaintext in the Random Access Memory (RAM).
To fix CVE-2020-14480, it is recommended to apply the necessary security patches and updates provided by Rockwell Automation.