CVE-2015-1010

Published: May 31, 2015Modified: May 6, 2026

4.9

Vector

AV:L/AC:L/Au:N/C:C/I:N/A:N

Exploitability: 3.9 / Impact: 6.9

Source: NVD

Description

Rockwell Automation RSView32 7.60.00 (aka CPR9 SR4) and earlier does not properly encrypt credentials, which allows local users to obtain sensitive information by reading a file and conducting a decryption attack.

Affected (1)

Products: Rockwellautomation: Rsview32

Rockwellautomation

1 product

Rsview32

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Rockwellautomation Rsview32	Up to 7.60.00

Related CWEs

CWE-310

References (4)

https://ics-cert.us-cert.gov/advisories/ICSA-15-132-02

Source: ics-cert@hq.dhs.gov

Third Party AdvisoryUS Government Resource

https://rockwellautomation.custhelp.com/app/answers/detail/a_id/700915

Source: ics-cert@hq.dhs.gov

https://ics-cert.us-cert.gov/advisories/ICSA-15-132-02

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

https://rockwellautomation.custhelp.com/app/answers/detail/a_id/700915

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.