PT-2021-7832 · Microsoft+1 · Windows+1

Published: 2021-06-08 · Updated: 2022-08-26 · CVE-2020-25182

CVSS v3.1: 6.7 (Medium)
Vector: AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Rockwell Automation ISaGRAF Runtime versions 4.x through 5.x

Description: The issue is related to the uncontrolled loading of dynamic libraries by Rockwell Automation ISaGRAF Runtime, which could allow a local, unauthenticated attacker to execute arbitrary code. This problem only affects ISaGRAF Runtime when running on Microsoft Windows systems.

Recommendations: For versions 4.x through 5.x, consider restricting the loading of dynamic libraries to prevent arbitrary code execution until a patch is available. As a temporary workaround, consider disabling the dynamic library loading feature in ISaGRAF Runtime until a fix is provided. Restrict access to the system to minimize the risk of exploitation.

Fix

Weakness Enumeration: Uncontrolled Search Path Element

Related Identifiers

BDU:2023-03464
CVE-2020-25182

Affected Products

Isagraf Runtime
Windows