PT-2021-9728 · Rockwell Automation · FactoryTalk Services Platform

Published 2021-03-18 · Updated 2021-03-26 · CVE-2020-14516

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Rockwell Automation FactoryTalk Services Platform versions 6.10.00 through 6.11.00

Description

The issue is related to the implementation of the SHA-256 hashing algorithm in the FactoryTalk Services Platform, which prevents user passwords from being hashed properly. This affects the security of user passwords.

Recommendations

For versions 6.10.00 and 6.11.00, consider temporarily disabling password hashing until a proper fix is available. Restrict access to sensitive areas of the platform to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

CVE-2020-14516

Affected Products

FactoryTalk Services Platform