The DeskLock tool provided with FactoryTalk View SE uses a weak encryption algorithm that may allow a local, authenticated attacker to decipher user credentials, including the Windows user or Windows DeskLock passwords. If the compromised user has an administrative account, an attacker could gain full access to the user’s operating system and certain components of FactoryTalk View SE.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-20-177-03 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: icscert
Published: 2022-02-24T18:27:13.935478Z
Updated: 2024-09-16T17:27:38.289Z
Reserved: 2020-06-19T00:00:00
Link: CVE-2020-14481
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-02-24T19:15:08.853
Modified: 2022-03-04T18:28:11.570
Link: CVE-2020-14481
Redhat
No data.