Rockwell Automation RSView32 information leakage (CVE-2015-1010)
Rockwell Automation RSView32 information leakage (CVE-2015-1010)
Release date:
Updated on:
Affected Systems:
Rockwell Automation RSView32 <= 7.60.00 (CPR9 SR4)
Description:
CVE (CAN) ID: CVE-2015-1010
RSView32 is an HMI system used to monitor automated machines and processes.
RSView32 has a security vulnerability in the encryption method used to create Password Storage files. software users using the old algorithm can cause unauthorized decryption. After successful decryption, the user password will be leaked.
<* Source: vendor
Link: https://ics-cert.us-cert.gov/advisories/ICSA-15-132-02
*>
Suggestion:
Vendor patch:
Rockwell Automation
-------------------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Https://rockwellautomation.custhelp.com/app/answers/detail/a_id/700915
This article permanently updates the link address: