PT-2014-1960 · Rockwell Automation · Rsview32

Dmitry Dementjev +1 · Published 2014-12-01 · Updated 2015-06-02 · CVE-2015-1010

CVSS v2.0: 6.0 (Medium)
Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Rockwell Automation RSView32 versions 7.60.00 and earlier

Description

The issue is related to errors in the password encryption algorithm of the RSView32 SCADA system, which can be exploited by a local attacker to gain access to the system and make unauthorized changes to the controlled process, potentially leading to its shutdown or creation of an emergency situation. Local users can obtain sensitive information by reading a file and conducting a decryption attack due to improper encryption of credentials.

Recommendations

For Rockwell Automation RSView32 versions 7.60.00 and earlier, update to a version that properly encrypts credentials to prevent local users from obtaining sensitive information. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Related Identifiers

BDU:2015-12167
CVE-2015-1010

Affected Products

Rsview32