CyberSec.Space Logo
Back to CVE Browser

CVE-2020-14516

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1860%
EPSS Percentile8.18th
PublishedMar 18, 2021
Last ModifiedNov 21, 2024

Vulnerability Description

In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an issue with the implementation of the SHA-256 hashing algorithm with FactoryTalk Services Platform that prevents the user password from being hashed properly.

Affected Platforms (CPE)

📦
Rockwellautomation

Factorytalk Services Platform

= 6.10.00
📦
Rockwellautomation

Factorytalk Services Platform

= 6.11.00

References & Advisories

🔗 https://us-cert.cisa.gov/ics/advisories/icsa-21-054-01
🔗 https://us-cert.cisa.gov/ics/advisories/icsa-21-054-01

Related Vulnerabilities

CVE-2020-69679.8

In Rockwell Automation all versions of FactoryTalk Diagnostics software, a subsystem of the FactoryTalk Services Platform, Factory...

CVE-2020-120338.8

In Rockwell Automation FactoryTalk Services Platform, all versions, the redundancy host service (RdcyHost.exe) does not validate s...

CVE-2021-329608.5

Rockwell Automation FactoryTalk Services Platform v6.11 and earlier, if FactoryTalk Security is enabled and deployed contains a vu...

CVE-2012-47137.8

Integer signedness error in RNADiagnostics.dll in Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR...