Advisories

A remote attacker is able to decrypt passwords captured during a Man-in-the-Middle attack, because the affected software uses Tiny Encryption Algorithm (TEA) algorithm with fixed keys to encrypt transmitted passwords over ISaGRAF eXchange Layer* protocol. *ISaGRAF eXchange Layer (IXL) is Rockwell Automation's proprietary system protocol. Programming software ISaGRAF Workbench communicates over the protocol with based on ISaGRAF Runtime devices to manage program (resources) on the devices and to control the devices itself.