Search
Find a vulnerability
Search criteria
58 vulnerabilities by B&R Industrial Automation
CVE-2025-3450 (GCVE-0-2025-3450)
Vulnerability from nvd – Published: 2025-10-07 18:03 – Updated: 2025-10-08 10:53
VLAI
EPSS
VEX
Title
Automation Runtime SDM requests may impact system
Summary
An Improper Resource Locking vulnerability in the SDM component of B&R Automation Runtime versions before 6.3 and before Q4.93 may allow an unauthenticated network-based attacker to delete data causing denial of service conditions.
Severity
10 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-413 - Improper Resource Locking
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | Automation Runtime |
Affected:
6.0 , < 6.3
(custom)
Affected: 4.0 , < Q4.93 (custom) |
Date Public
2025-10-07 00:30
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3450",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-07T19:53:23.114501Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-07T19:53:53.464Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Automation Runtime",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "6.3",
"status": "affected",
"version": "6.0",
"versionType": "custom"
},
{
"lessThan": "Q4.93",
"status": "affected",
"version": "4.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-10-07T00:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Improper Resource Locking vulnerability in the SDM component of B\u0026amp;R Automation Runtime versions before 6.3 and before Q4.93 may allow an unauthenticated network-based attacker to delete data causing denial of service conditions.\n\n\u003cp\u003e\u003c/p\u003e"
}
],
"value": "An Improper Resource Locking vulnerability in the SDM component of B\u0026R Automation Runtime versions before 6.3 and before Q4.93 may allow an unauthenticated network-based attacker to delete data causing denial of service conditions."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-413",
"description": "CWE-413 Improper Resource Locking",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-08T10:53:31.397Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA25P002-f6a69e61.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Automation Runtime SDM requests may impact system",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2025-3450",
"datePublished": "2025-10-07T18:03:53.869Z",
"dateReserved": "2025-04-08T14:10:02.547Z",
"dateUpdated": "2025-10-08T10:53:31.397Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8315 (GCVE-0-2024-8315)
Vulnerability from nvd – Published: 2025-03-25 04:31 – Updated: 2025-03-25 13:22
VLAI
EPSS
VEX
Title
Improper Handling of Insufficient Permissions or Privileges in B&R APROL
Summary
An Improper Handling of Insufficient Permissions or Privileges vulnerability in scripts used in B&R APROL <4.4-00P5 may allow an authenticated local attacker to read credential information.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-280 - Improper Handling of Insufficient Permissions or Privileges
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | B&R APROL |
Affected:
R4.4 , < 4.4-00P5
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8315",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-25T13:22:11.582928Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-25T13:22:20.976Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "B\u0026R APROL",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "4.4-00P5",
"status": "affected",
"version": "R4.4",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Improper Handling of Insufficient Permissions or Privileges vulnerability in scripts used in B\u0026amp;R APROL \u0026lt;4.4-00P5 may allow an authenticated local attacker to read credential information.\u003cbr\u003e"
}
],
"value": "An Improper Handling of Insufficient Permissions or Privileges vulnerability in scripts used in B\u0026R APROL \u003c4.4-00P5 may allow an authenticated local attacker to read credential information."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-280",
"description": "CWE-280: Improper Handling of Insufficient Permissions or Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-25T04:31:27.667Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA24P015-77573c08.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper Handling of Insufficient Permissions or Privileges in B\u0026R APROL",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-8315",
"datePublished": "2025-03-25T04:31:27.667Z",
"dateReserved": "2024-08-29T15:09:05.514Z",
"dateUpdated": "2025-03-25T13:22:20.976Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-45482 (GCVE-0-2024-45482)
Vulnerability from nvd – Published: 2025-03-25 04:52 – Updated: 2025-03-25 14:23
VLAI
EPSS
VEX
Title
Privilege escalation in B&R APROL
Summary
An Inclusion of Functionality from Untrusted Control Sphere vulnerability in the SSH server on B&R APROL <4.4-00P1 may allow an authenticated local attacker from a trusted remote server to execute malicious commands.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-829 - Inclusion of Functionality from Untrusted Control Sphere
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | B&R APROL |
Affected:
R4.4 , < 4.4-00P1
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-45482",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-25T14:23:37.210058Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-25T14:23:53.190Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"SSH server"
],
"product": "B\u0026R APROL",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "4.4-00P1",
"status": "affected",
"version": "R4.4",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Inclusion of Functionality from Untrusted Control Sphere vulnerability in the SSH server on B\u0026amp;R APROL \u0026lt;4.4-00P1 may allow an authenticated local attacker from a trusted remote server to execute malicious commands.\u003cbr\u003e"
}
],
"value": "An Inclusion of Functionality from Untrusted Control Sphere vulnerability in the SSH server on B\u0026R APROL \u003c4.4-00P1 may allow an authenticated local attacker from a trusted remote server to execute malicious commands."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-829",
"description": "CWE-829: Inclusion of Functionality from Untrusted Control Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-25T04:52:56.296Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA24P015-77573c08.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Privilege escalation in B\u0026R APROL",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-45482",
"datePublished": "2025-03-25T04:52:56.296Z",
"dateReserved": "2024-08-29T15:08:43.767Z",
"dateUpdated": "2025-03-25T14:23:53.190Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-45481 (GCVE-0-2024-45481)
Vulnerability from nvd – Published: 2025-03-25 04:52 – Updated: 2025-03-25 14:25
VLAI
EPSS
VEX
Title
Improper authentication in SSH of B&R APROL
Summary
An Incomplete Filtering of Special Elements vulnerability in scripts using the SSH server on B&R APROL <4.4-00P5 may allow an authenticated local attacker to authenticate as another legitimate user.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-791 - Incomplete Filtering of Special Elements
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | B&R APROL |
Affected:
R4.4 , < 4.4-00P5
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-45481",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-25T14:25:06.996074Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-25T14:25:20.372Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"SSH server"
],
"product": "B\u0026R APROL",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "4.4-00P5",
"status": "affected",
"version": "R4.4",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Incomplete Filtering of Special Elements vulnerability in scripts using the SSH server on B\u0026amp;R APROL \u0026lt;4.4-00P5 may allow an authenticated local attacker to authenticate as another legitimate user.\u003cbr\u003e"
}
],
"value": "An Incomplete Filtering of Special Elements vulnerability in scripts using the SSH server on B\u0026R APROL \u003c4.4-00P5 may allow an authenticated local attacker to authenticate as another legitimate user."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-791",
"description": "CWE-791: Incomplete Filtering of Special Elements",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-25T04:52:06.675Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA24P015-77573c08.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper authentication in SSH of B\u0026R APROL",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-45481",
"datePublished": "2025-03-25T04:52:06.675Z",
"dateReserved": "2024-08-29T15:08:43.767Z",
"dateUpdated": "2025-03-25T14:25:20.372Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-45480 (GCVE-0-2024-45480)
Vulnerability from nvd – Published: 2025-03-25 04:50 – Updated: 2025-03-25 14:32
VLAI
EPSS
VEX
Title
Unauthorized local file reading in B&R APROL
Summary
An improper control of generation of code ('Code Injection') vulnerability in the AprolCreateReport component of B&R APROL <4.4-00P5 may allow an unauthenticated network-based attacker to read files from the local system.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | B&R APROL |
Affected:
R4.4 , < 4.4-00P5
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-45480",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-25T14:31:39.685844Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-25T14:32:15.379Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"AprolCreateReport"
],
"product": "B\u0026R APROL",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "4.4-00P5",
"status": "affected",
"version": "R4.4",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper control of generation of code (\u0027Code Injection\u0027) vulnerability in the AprolCreateReport component of B\u0026amp;R APROL \u0026lt;4.4-00P5 may allow an unauthenticated network-based attacker to read files from the local system.\u003cbr\u003e"
}
],
"value": "An improper control of generation of code (\u0027Code Injection\u0027) vulnerability in the AprolCreateReport component of B\u0026R APROL \u003c4.4-00P5 may allow an unauthenticated network-based attacker to read files from the local system."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-25T04:50:52.976Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA24P015-77573c08.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unauthorized local file reading in B\u0026R APROL",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-45480",
"datePublished": "2025-03-25T04:50:52.976Z",
"dateReserved": "2024-08-29T15:08:43.767Z",
"dateUpdated": "2025-03-25T14:32:15.379Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8603 (GCVE-0-2024-8603)
Vulnerability from nvd – Published: 2025-01-15 15:31 – Updated: 2025-01-15 15:56
VLAI
EPSS
VEX
Summary
A “Use of a Broken or Risky Cryptographic Algorithm” vulnerability in the SSL/TLS component used in B&R Automation Runtime versions before 6.1 and B&R mapp View versions before 6.1 may be abused by unauthenticated network-based attackers to masquerade as services on impacted devices.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | Automation Runtime |
Affected:
6.0 , < 6.1
(custom)
Affected: 4.0 (custom) |
|
| B&R Industrial Automation | mapp View |
Affected:
6.0 , < 6.1
(custom)
Affected: 5.0 (custom) |
Date Public
2025-01-15 02:36
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8603",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-15T15:56:20.185680Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T15:56:30.409Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Automation Runtime",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "6.1",
"status": "affected",
"version": "6.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "mapp View",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "6.1",
"status": "affected",
"version": "6.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "5.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-01-15T02:36:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A \u201cUse of a Broken or Risky Cryptographic Algorithm\u201d vulnerability in the SSL/TLS component used in B\u0026amp;R Automation Runtime versions before 6.1 and B\u0026amp;R mapp View versions before 6.1 may be abused by unauthenticated network-based attackers to masquerade as services on impacted devices.\u003cbr\u003e"
}
],
"value": "A \u201cUse of a Broken or Risky Cryptographic Algorithm\u201d vulnerability in the SSL/TLS component used in B\u0026R Automation Runtime versions before 6.1 and B\u0026R mapp View versions before 6.1 may be abused by unauthenticated network-based attackers to masquerade as services on impacted devices."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-327",
"description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T15:31:01.195Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA25P001-c478fad6.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-8603",
"datePublished": "2025-01-15T15:31:01.195Z",
"dateReserved": "2024-09-09T09:19:20.885Z",
"dateUpdated": "2025-01-15T15:56:30.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5624 (GCVE-0-2024-5624)
Vulnerability from nvd – Published: 2024-08-29 08:53 – Updated: 2024-08-29 13:40
VLAI
EPSS
VEX
Title
Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B&R APROL
Summary
Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B&R APROL <= R 4.4-00P3 may allow a network-based attacker to execute arbitrary JavaScript code in the context of the user's browser session
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | B&R APROL |
Affected:
0 , ≤ <= R 4.4-00P3
(custom)
|
Date Public
2024-08-29 08:51
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5624",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-29T13:40:19.780879Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T13:40:31.563Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Shift Logbook"
],
"product": "B\u0026R APROL",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThanOrEqual": "\u003c= R 4.4-00P3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-08-29T08:51:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B\u0026amp;R APROL \u0026lt;= R 4.4-00P3 may allow a network-based attacker to execute arbitrary JavaScript code in the context of the user\u0027s browser session"
}
],
"value": "Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B\u0026R APROL \u003c= R 4.4-00P3 may allow a network-based attacker to execute arbitrary JavaScript code in the context of the user\u0027s browser session"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T08:53:06.058Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA24P2014_Multiple_vulnerabilities_in_BR_APROL.pdf-367290ae.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B\u0026R APROL",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-5624",
"datePublished": "2024-08-29T08:53:06.058Z",
"dateReserved": "2024-06-04T08:28:17.633Z",
"dateUpdated": "2024-08-29T13:40:31.563Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5623 (GCVE-0-2024-5623)
Vulnerability from nvd – Published: 2024-08-29 08:51 – Updated: 2024-08-29 13:46
VLAI
EPSS
VEX
Title
Untrusted search path vulnerability in B&R APROL
Summary
An untrusted search path vulnerability in B&R APROL <= R 4.4-00P3 may be used by an authenticated local attacker to get other users to execute arbitrary code under their privileges.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | B&R APROL |
Affected:
0 , ≤ <= R 4.4-00P3
(custom)
|
|
| br-automation | industrial_automation_aprol |
Affected:
0 , ≤ r4.4-00p3
(custom)
cpe:2.3:a:br-automation:industrial_automation_aprol:*:*:*:*:*:*:*:* |
Date Public
2024-08-29 08:50
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:br-automation:industrial_automation_aprol:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "industrial_automation_aprol",
"vendor": "br-automation",
"versions": [
{
"lessThanOrEqual": "r4.4-00p3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5623",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-29T13:41:36.809403Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T13:46:16.304Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "B\u0026R APROL",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThanOrEqual": "\u003c= R 4.4-00P3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-08-29T08:50:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An untrusted search path vulnerability in B\u0026amp;R APROL \u0026lt;= R 4.4-00P3 may be used by an authenticated local attacker to get other users to execute arbitrary code under their privileges."
}
],
"value": "An untrusted search path vulnerability in B\u0026R APROL \u003c= R 4.4-00P3 may be used by an authenticated local attacker to get other users to execute arbitrary code under their privileges."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250 Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-267",
"description": "CWE-267 Privilege Defined With Unsafe Actions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T08:51:26.052Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA24P2014_Multiple_vulnerabilities_in_BR_APROL.pdf-367290ae.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Untrusted search path vulnerability in B\u0026R APROL",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-5623",
"datePublished": "2024-08-29T08:51:26.052Z",
"dateReserved": "2024-06-04T08:28:15.984Z",
"dateUpdated": "2024-08-29T13:46:16.304Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5622 (GCVE-0-2024-5622)
Vulnerability from nvd – Published: 2024-08-29 08:49 – Updated: 2024-08-29 13:29
VLAI
EPSS
VEX
Title
Untrusted search path vulnerability in the AprolConfigureCCServices of B&R APROL
Summary
An untrusted search path vulnerability in the AprolConfigureCCServices of B&R APROL <= R 4.2.-07P3 and <= R 4.4-00P3 may allow an authenticated local attacker to execute arbitrary code with elevated privileges.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | B&R APROL |
Affected:
0 , ≤ <= R 4.2-07P3
(custom)
Affected: 0 , ≤ <= R 4.4-00P3 (custom) |
|
| b_and_r_industrial_automotion | b_and_r_aprol |
Affected:
0 , ≤ R 4.2-07P3
(custom)
Affected: 0 , ≤ R 4.4-00P3 (custom) cpe:2.3:a:b_and_r_industrial_automotion:b_and_r_aprol:*:*:*:*:*:*:*:* |
Date Public
2024-08-29 08:40
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:b_and_r_industrial_automotion:b_and_r_aprol:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "b_and_r_aprol",
"vendor": "b_and_r_industrial_automotion",
"versions": [
{
"lessThanOrEqual": "R 4.2-07P3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "R 4.4-00P3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5622",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-29T13:21:46.036564Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T13:29:24.311Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"AprolConfigureCCServices"
],
"product": "B\u0026R APROL",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThanOrEqual": "\u003c= R 4.2-07P3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "\u003c= R 4.4-00P3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-08-29T08:40:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An untrusted search path vulnerability in the AprolConfigureCCServices of B\u0026amp;R APROL \u0026lt;= R 4.2.-07P3 and \u0026lt;= R 4.4-00P3 may allow an authenticated local attacker to execute arbitrary code with elevated privileges."
}
],
"value": "An untrusted search path vulnerability in the AprolConfigureCCServices of B\u0026R APROL \u003c= R 4.2.-07P3 and \u003c= R 4.4-00P3 may allow an authenticated local attacker to execute arbitrary code with elevated privileges."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250 Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-267",
"description": "CWE-267 Privilege Defined With Unsafe Actions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T08:49:48.300Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA24P2014_Multiple_vulnerabilities_in_BR_APROL.pdf-367290ae.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Untrusted search path vulnerability in the AprolConfigureCCServices of B\u0026R APROL",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-5622",
"datePublished": "2024-08-29T08:49:48.300Z",
"dateReserved": "2024-06-04T08:28:13.545Z",
"dateUpdated": "2024-08-29T13:29:24.311Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5801 (GCVE-0-2024-5801)
Vulnerability from nvd – Published: 2024-08-10 03:52 – Updated: 2024-08-12 14:44
VLAI
EPSS
VEX
Title
IP Forwarding enabled in B&R Automation Runtime
Summary
Enabled IP Forwarding feature in B&R Automation Runtime versions before 6.0.2 may allow remote attack-ers to compromise network security by routing IP-based packets through the host, potentially by-passing firewall, router, or NAC filtering.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | Automation Runtime |
Affected:
0 , < 6.0
(custom)
|
Date Public
2024-08-09 03:50
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5801",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-12T14:15:53.905942Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T14:44:00.687Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Automation Runtime",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"changes": [
{
"at": "6.0.2",
"status": "unaffected"
}
],
"lessThan": "6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-08-09T03:50:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Enabled IP Forwarding feature in B\u0026R Automation Runtime versions before 6.0.2 may allow remote attack-ers to compromise network security by routing IP-based packets through the host, potentially by-passing firewall, router, or NAC filtering."
}
],
"value": "Enabled IP Forwarding feature in B\u0026R Automation Runtime versions before 6.0.2 may allow remote attack-ers to compromise network security by routing IP-based packets through the host, potentially by-passing firewall, router, or NAC filtering."
}
],
"impacts": [
{
"capecId": "CAPEC-594",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-594 Traffic Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1188",
"description": "CWE-1188 Insecure Default Initialization of Resource",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-653",
"description": "CWE-653 Improper Isolation or Compartmentalization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-10T03:52:02.326Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA24P011-d8aaf02f.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IP Forwarding enabled in B\u0026R Automation Runtime",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-5801",
"datePublished": "2024-08-10T03:52:02.326Z",
"dateReserved": "2024-06-10T16:11:50.244Z",
"dateUpdated": "2024-08-12T14:44:00.687Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5800 (GCVE-0-2024-5800)
Vulnerability from nvd – Published: 2024-08-10 03:50 – Updated: 2024-08-12 14:32
VLAI
EPSS
VEX
Title
Diffie-Hellman groups with insufficient strength used in SSL/TLS stack of B&R Automation Runtime
Summary
Diffie-Hellman groups with insufficient strength are used in the SSL/TLS stack of B&R Automation Runtime versions before 6.0.2, allowing a network attacker to decrypt the SSL/TLS communication.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-326 - Inadequate Encryption Strength
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | Automation Runtime |
Affected:
0 , < 6.0.0
(custom)
|
Date Public
2024-08-09 03:43
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5800",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-12T14:32:07.188310Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T14:32:22.309Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "SSL/TLS",
"product": "Automation Runtime",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"changes": [
{
"at": "6.0.2",
"status": "unaffected"
}
],
"lessThan": "6.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-08-09T03:43:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Diffie-Hellman groups with insufficient strength are used in the SSL/TLS stack of B\u0026R Automation Runtime versions before 6.0.2, allowing a network attacker to decrypt the SSL/TLS communication."
}
],
"value": "Diffie-Hellman groups with insufficient strength are used in the SSL/TLS stack of B\u0026R Automation Runtime versions before 6.0.2, allowing a network attacker to decrypt the SSL/TLS communication."
}
],
"impacts": [
{
"capecId": "CAPEC-117",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-117 Interception"
}
]
},
{
"capecId": "CAPEC-148",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-148 Content Spoofing"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-326",
"description": "CWE-326 Inadequate Encryption Strength",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-10T03:50:02.159Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA24P011-d8aaf02f.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Diffie-Hellman groups with insufficient strength used in SSL/TLS stack of B\u0026R Automation Runtime",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-5800",
"datePublished": "2024-08-10T03:50:02.159Z",
"dateReserved": "2024-06-10T16:11:48.689Z",
"dateUpdated": "2024-08-12T14:32:22.309Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22280 (GCVE-0-2021-22280)
Vulnerability from nvd – Published: 2024-05-14 19:36 – Updated: 2024-08-03 18:37
VLAI
EPSS
VEX
Title
DLL Hijacking Vulnerability in Automation Studio
Summary
Improper DLL loading algorithms in B&R Automation Studio versions >=4.0 and <4.12 may allow an authenticated local attacker to execute code in the context of the product.
Severity
7.2 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- DLL Hijacking Vulnerability in Automation Studio
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | Automation Studio |
Affected:
0 , < 4.12
(custom)
|
|
| br-automation | automation_studio |
Affected:
4.0 , < 4.12
(custom)
cpe:2.3:a:br-automation:automation_studio:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:br-automation:automation_studio:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "automation_studio",
"vendor": "br-automation",
"versions": [
{
"lessThan": "4.12",
"status": "affected",
"version": "4.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-22280",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-16T16:04:24.321651Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-26T15:53:35.178Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.537Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.br-automation.com/fileadmin/2021-10_DLL_Hijacking_Vulnerability_in_Automation_Studio-7dd34511.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Automation Studio",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "4.12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper DLL loading algorithms in B\u0026amp;R Automation Studio versions \u0026gt;=4.0 and \u0026lt;4.12 may allow an authenticated local attacker to execute code in the context of the product.\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Improper DLL loading algorithms in B\u0026R Automation Studio versions \u003e=4.0 and \u003c4.12 may allow an authenticated local attacker to execute code in the context of the product."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DLL Hijacking Vulnerability in Automation Studio",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-27T07:33:47.854Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/2021-10_DLL_Hijacking_Vulnerability_in_Automation_Studio-7dd34511.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "DLL Hijacking Vulnerability in Automation Studio",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2021-22280",
"datePublished": "2024-05-14T19:36:51.930Z",
"dateReserved": "2021-01-05T17:31:49.080Z",
"dateUpdated": "2024-08-03T18:37:18.537Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2637 (GCVE-0-2024-2637)
Vulnerability from nvd – Published: 2024-05-14 18:49 – Updated: 2025-04-24 06:52
VLAI
EPSS
VEX
Title
Insecure Loading of Code in B&R Products
Summary
An Uncontrolled Search Path Element vulnerability in B&R Industrial Automation Scene Viewer, B&R Industrial Automation Automation Runtime, B&R Industrial Automation mapp Vision, B&R Industrial Automation mapp View, B&R Industrial Automation mapp Cockpit, B&R Industrial Automation mapp Safety, B&R Industrial Automation VC4, B&R Industrial Automation APROL, B&R Industrial Automation CAN Driver, B&R Industrial Automation CAN Driver CC770, B&R Industrial Automation CAN Driver SJA1000, B&R Industrial Automation Tou0ch Lock, B&R Industrial Automation B&R Single-Touch Driver, B&R Industrial Automation Serial User Mode Touch Driver, B&R Industrial Automation Windows Settings Changer (LTSC), B&R Industrial Automation Windows Settings Changer (2019 LTSC), B&R Industrial Automation Windows 10 Recovery Solution, B&R Industrial Automation ADI driver universal, B&R Industrial Automation ADI Development Kit, B&R Industrial Automation ADI .NET SDK, B&R Industrial Automation SRAM driver, B&R Industrial Automation HMI Service Center, B&R Industrial Automation HMI Service Center Maintenance, B&R Industrial Automation Windows 10 IoT Enterprise 2019 LTSC, B&R Industrial Automation KCF Editor could allow an authenticated local attacker to execute malicious code by placing specially crafted files in the loading search path..This issue affects Scene Viewer: before 4.4.0; Automation Runtime: before J4.93; mapp Vision: before 5.26.1; mapp View: before 5.24.2; mapp Cockpit: before 5.24.2; mapp Safety: before 5.24.2; VC4: before 4.73.2; APROL: before 4.4-01; CAN Driver: before 1.1.0; CAN Driver CC770: before 3.3.0; CAN Driver SJA1000: before 1.3.0; Tou0ch Lock: before 2.1.0; B&R Single-Touch Driver: before 2.0.0; Serial User Mode Touch Driver: before 1.7.1; Windows Settings Changer (LTSC): before 3.2.0; Windows Settings Changer (2019 LTSC): before 2.2.0; Windows 10 Recovery Solution: before 3.2.0; ADI driver universal: before 3.2.0; ADI Development Kit: before 5.5.0; ADI .NET SDK: before 4.1.0; SRAM driver: before 1.2.0; HMI Service Center: before 3.1.0; HMI Service Center Maintenance: before 2.1.0; Windows 10 IoT Enterprise 2019 LTSC: through 1.1; KCF Editor: before 1.1.0.
Severity
7.2 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-427 - Uncontrolled Search Path Element
Assigner
References
1 reference
Impacted products
31 products
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | Scene Viewer |
Affected:
0 , < 4.4.0
(custom)
|
|
| B&R Industrial Automation | Automation Runtime |
Affected:
0 , < J4.93
(custom)
|
|
| B&R Industrial Automation | mapp Vision |
Affected:
0 , < 5.26.1
(custom)
|
|
| B&R Industrial Automation | mapp View |
Affected:
0 , < 5.24.2
(custom)
|
|
| B&R Industrial Automation | mapp Cockpit |
Affected:
0 , < 5.24.2
(custom)
|
|
| B&R Industrial Automation | mapp Safety |
Affected:
0 , < 5.24.2
(custom)
|
|
| B&R Industrial Automation | VC4 |
Affected:
0 , < 4.73.2
(custom)
|
|
| B&R Industrial Automation | APROL |
Affected:
0 , < 4.4-01
(custom)
|
|
| B&R Industrial Automation | CAN Driver |
Affected:
0 , < 1.1.0
(custom)
|
|
| B&R Industrial Automation | CAN Driver CC770 |
Affected:
0 , < 3.3.0
(custom)
|
|
| B&R Industrial Automation | CAN Driver SJA1000 |
Affected:
0 , < 1.3.0
(custom)
|
|
| B&R Industrial Automation | Tou0ch Lock |
Affected:
0 , < 2.1.0
(custom)
|
|
| B&R Industrial Automation | B&R Single-Touch Driver |
Affected:
0 , < 2.0.0
(custom)
|
|
| B&R Industrial Automation | Serial User Mode Touch Driver |
Affected:
0 , < 1.7.1
(custom)
|
|
| B&R Industrial Automation | Windows Settings Changer (LTSC) |
Affected:
0 , < 3.2.0
(custom)
|
|
| B&R Industrial Automation | Windows Settings Changer (2019 LTSC) |
Affected:
0 , < 2.2.0
(custom)
|
|
| B&R Industrial Automation | Windows 10 Recovery Solution |
Affected:
0 , < 3.2.0
(custom)
|
|
| B&R Industrial Automation | ADI driver universal |
Affected:
0 , < 3.2.0
(custom)
|
|
| B&R Industrial Automation | ADI Development Kit |
Affected:
0 , < 5.5.0
(custom)
|
|
| B&R Industrial Automation | ADI .NET SDK |
Affected:
0 , < 4.1.0
(custom)
|
|
| B&R Industrial Automation | SRAM driver |
Affected:
0 , < 1.2.0
(custom)
|
|
| B&R Industrial Automation | HMI Service Center |
Affected:
0 , < 3.1.0
(custom)
|
|
| B&R Industrial Automation | HMI Service Center Maintenance |
Affected:
0 , < 2.1.0
(custom)
|
|
| B&R Industrial Automation | Windows 10 IoT Enterprise 2019 LTSC |
Affected:
0 , ≤ 1.1
(custom)
|
|
| B&R Industrial Automation | KCF Editor |
Affected:
0 , < 1.1.0
(custom)
|
|
| br-automation | scene_viewer |
Affected:
0 , < 4.4.0
(custom)
cpe:2.3:a:br-automation:scene_viewer:*:*:*:*:*:*:*:* |
|
| br-automation | automation_runtime |
Affected:
0 , < j4.93
(custom)
cpe:2.3:a:br-automation:automation_runtime:*:*:*:*:*:*:*:* |
|
| br-automation | mapp_vision |
Affected:
0 , < 5.26.1
(custom)
cpe:2.3:a:br-automation:mapp_vision:*:*:*:*:*:*:*:* |
|
| br-automation | mapp_view |
Affected:
0 , < 5.24.2
(custom)
cpe:2.3:a:br-automation:mapp_view:*:*:*:*:*:*:*:* |
|
| br-automation | mapp_cockpit |
Affected:
0 , < 5.24.2
(custom)
cpe:2.3:a:br-automation:mapp_cockpit:*:*:*:*:*:*:*:* |
|
| br-automation | vc4 |
Affected:
0 , < 4.73.2
(custom)
cpe:2.3:a:br-automation:vc4:*:*:*:*:*:*:*:* |
Date Public
2025-04-02 18:50
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:br-automation:scene_viewer:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scene_viewer",
"vendor": "br-automation",
"versions": [
{
"lessThan": "4.4.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:br-automation:automation_runtime:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "automation_runtime",
"vendor": "br-automation",
"versions": [
{
"lessThan": "j4.93",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:br-automation:mapp_vision:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mapp_vision",
"vendor": "br-automation",
"versions": [
{
"lessThan": "5.26.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:br-automation:mapp_view:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mapp_view",
"vendor": "br-automation",
"versions": [
{
"lessThan": "5.24.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:br-automation:mapp_cockpit:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mapp_cockpit",
"vendor": "br-automation",
"versions": [
{
"lessThan": "5.24.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:br-automation:vc4:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vc4",
"vendor": "br-automation",
"versions": [
{
"lessThan": "4.73.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2637",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-14T19:33:12.195778Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T14:56:12.677Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:18:48.124Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.br-automation.com/fileadmin/SA24P005_Insecure_Loading_of_Code-c7d9e49c.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Scene Viewer",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "4.4.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Automation Runtime",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "J4.93",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "mapp Vision",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "5.26.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "mapp View",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "5.24.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "mapp Cockpit",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "5.24.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "mapp Safety",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "5.24.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VC4",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "4.73.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "APROL",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "4.4-01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CAN Driver",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "1.1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CAN Driver CC770",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "3.3.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CAN Driver SJA1000",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "1.3.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Tou0ch Lock",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "2.1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "B\u0026R Single-Touch Driver",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "2.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Serial User Mode Touch Driver",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "1.7.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Windows Settings Changer (LTSC)",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "3.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Windows Settings Changer (2019 LTSC)",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "2.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Windows 10 Recovery Solution",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "3.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ADI driver universal",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "3.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ADI Development Kit",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "5.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ADI .NET SDK",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "4.1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SRAM driver",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "1.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HMI Service Center",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "3.1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HMI Service Center Maintenance",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "2.1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Windows 10 IoT Enterprise 2019 LTSC",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThanOrEqual": "1.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "KCF Editor",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "1.1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-04-02T18:50:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Uncontrolled Search Path Element vulnerability\u0026nbsp;in B\u0026amp;R Industrial Automation Scene Viewer, B\u0026amp;R Industrial Automation Automation Runtime, B\u0026amp;R Industrial Automation mapp Vision, B\u0026amp;R Industrial Automation mapp View, B\u0026amp;R Industrial Automation mapp Cockpit, B\u0026amp;R Industrial Automation mapp Safety, B\u0026amp;R Industrial Automation VC4, B\u0026amp;R Industrial Automation APROL, B\u0026amp;R Industrial Automation CAN Driver, B\u0026amp;R Industrial Automation CAN Driver CC770, B\u0026amp;R Industrial Automation CAN Driver SJA1000, B\u0026amp;R Industrial Automation Tou0ch Lock, B\u0026amp;R Industrial Automation B\u0026amp;R Single-Touch Driver, B\u0026amp;R Industrial Automation Serial User Mode Touch Driver, B\u0026amp;R Industrial Automation Windows Settings Changer (LTSC), B\u0026amp;R Industrial Automation Windows Settings Changer (2019 LTSC), B\u0026amp;R Industrial Automation Windows 10 Recovery Solution, B\u0026amp;R Industrial Automation ADI driver universal, B\u0026amp;R Industrial Automation ADI Development Kit, B\u0026amp;R Industrial Automation ADI .NET SDK, B\u0026amp;R Industrial Automation SRAM driver, B\u0026amp;R Industrial Automation HMI Service Center, B\u0026amp;R Industrial Automation HMI Service Center Maintenance, B\u0026amp;R Industrial Automation Windows 10 IoT Enterprise 2019 LTSC, B\u0026amp;R Industrial Automation KCF Editor could allow an authenticated local attacker to execute malicious code by placing specially crafted files in the loading search path..\u003cp\u003eThis issue affects Scene Viewer: before 4.4.0; Automation Runtime: before J4.93; mapp Vision: before 5.26.1; mapp View: before 5.24.2; mapp Cockpit: before 5.24.2; mapp Safety: before 5.24.2; VC4: before 4.73.2; APROL: before 4.4-01; CAN Driver: before 1.1.0; CAN Driver CC770: before 3.3.0; CAN Driver SJA1000: before 1.3.0; Tou0ch Lock: before 2.1.0; B\u0026amp;R Single-Touch Driver: before 2.0.0; Serial User Mode Touch Driver: before 1.7.1; Windows Settings Changer (LTSC): before 3.2.0; Windows Settings Changer (2019 LTSC): before 2.2.0; Windows 10 Recovery Solution: before 3.2.0; ADI driver universal: before 3.2.0; ADI Development Kit: before 5.5.0; ADI .NET SDK: before 4.1.0; SRAM driver: before 1.2.0; HMI Service Center: before 3.1.0; HMI Service Center Maintenance: before 2.1.0; Windows 10 IoT Enterprise 2019 LTSC: through 1.1; KCF Editor: before 1.1.0.\u003c/p\u003e"
}
],
"value": "An Uncontrolled Search Path Element vulnerability\u00a0in B\u0026R Industrial Automation Scene Viewer, B\u0026R Industrial Automation Automation Runtime, B\u0026R Industrial Automation mapp Vision, B\u0026R Industrial Automation mapp View, B\u0026R Industrial Automation mapp Cockpit, B\u0026R Industrial Automation mapp Safety, B\u0026R Industrial Automation VC4, B\u0026R Industrial Automation APROL, B\u0026R Industrial Automation CAN Driver, B\u0026R Industrial Automation CAN Driver CC770, B\u0026R Industrial Automation CAN Driver SJA1000, B\u0026R Industrial Automation Tou0ch Lock, B\u0026R Industrial Automation B\u0026R Single-Touch Driver, B\u0026R Industrial Automation Serial User Mode Touch Driver, B\u0026R Industrial Automation Windows Settings Changer (LTSC), B\u0026R Industrial Automation Windows Settings Changer (2019 LTSC), B\u0026R Industrial Automation Windows 10 Recovery Solution, B\u0026R Industrial Automation ADI driver universal, B\u0026R Industrial Automation ADI Development Kit, B\u0026R Industrial Automation ADI .NET SDK, B\u0026R Industrial Automation SRAM driver, B\u0026R Industrial Automation HMI Service Center, B\u0026R Industrial Automation HMI Service Center Maintenance, B\u0026R Industrial Automation Windows 10 IoT Enterprise 2019 LTSC, B\u0026R Industrial Automation KCF Editor could allow an authenticated local attacker to execute malicious code by placing specially crafted files in the loading search path..This issue affects Scene Viewer: before 4.4.0; Automation Runtime: before J4.93; mapp Vision: before 5.26.1; mapp View: before 5.24.2; mapp Cockpit: before 5.24.2; mapp Safety: before 5.24.2; VC4: before 4.73.2; APROL: before 4.4-01; CAN Driver: before 1.1.0; CAN Driver CC770: before 3.3.0; CAN Driver SJA1000: before 1.3.0; Tou0ch Lock: before 2.1.0; B\u0026R Single-Touch Driver: before 2.0.0; Serial User Mode Touch Driver: before 1.7.1; Windows Settings Changer (LTSC): before 3.2.0; Windows Settings Changer (2019 LTSC): before 2.2.0; Windows 10 Recovery Solution: before 3.2.0; ADI driver universal: before 3.2.0; ADI Development Kit: before 5.5.0; ADI .NET SDK: before 4.1.0; SRAM driver: before 1.2.0; HMI Service Center: before 3.1.0; HMI Service Center Maintenance: before 2.1.0; Windows 10 IoT Enterprise 2019 LTSC: through 1.1; KCF Editor: before 1.1.0."
}
],
"impacts": [
{
"capecId": "CAPEC-641",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-641 DLL Side-Loading"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-24T06:52:46.092Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA24P005_Insecure_Loading_of_Code-c7d9e49c.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Insecure Loading of Code in B\u0026R Products",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-2637",
"datePublished": "2024-05-14T18:49:28.624Z",
"dateReserved": "2024-03-19T08:15:24.368Z",
"dateUpdated": "2025-04-24T06:52:46.092Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0220 (GCVE-0-2024-0220)
Vulnerability from nvd – Published: 2024-02-22 10:15 – Updated: 2024-09-19 17:24
VLAI
EPSS
VEX
Title
B&R products use insufficient communication encryption
Summary
B&R Automation Studio Upgrade Service and B&R Technology Guarding use insufficient cryptography for communication to the upgrade and the licensing servers. A network-based attacker could exploit the vulnerability to execute arbitrary code on the products or sniff sensitive data.
Severity
8.3 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | Automation Studio |
Affected:
4.0 , < 4.6
(patch)
|
|
| B&R Industrial Automation | Technology Guarding |
Affected:
1.0.0 , < 1.4.0
(patch)
|
|
| br-automation | automation_studio |
Affected:
4.0 , < 4.6
(custom)
cpe:2.3:a:br-automation:automation_studio:*:*:*:*:*:*:*:* |
Date Public
2024-02-22 10:10
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:15.976Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.br-automation.com/fileadmin/SA23P019_Automation_Studio_Upgrade_Service_uses_insufficient_encryption.pdf-1b3b181c.pdf"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:br-automation:automation_studio:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "automation_studio",
"vendor": "br-automation",
"versions": [
{
"lessThan": "4.6",
"status": "affected",
"version": "4.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0220",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-22T16:23:26.378691Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T16:52:09.908Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Upgrade Service"
],
"product": "Automation Studio",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "4.6",
"status": "affected",
"version": "4.0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Technology Guarding",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "1.4.0",
"status": "affected",
"version": "1.0.0",
"versionType": "patch"
}
]
}
],
"datePublic": "2024-02-22T10:10:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "B\u0026amp;R Automation Studio Upgrade Service and B\u0026amp;R Technology Guarding use insufficient cryptography for communication to the upgrade and the licensing servers. A network-based attacker could exploit the vulnerability to execute arbitrary code on the products or sniff sensitive data.\n\n\u003cbr\u003e"
}
],
"value": "B\u0026R Automation Studio Upgrade Service and B\u0026R Technology Guarding use insufficient cryptography for communication to the upgrade and the licensing servers. A network-based attacker could exploit the vulnerability to execute arbitrary code on the products or sniff sensitive data."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1240",
"description": "CWE-1240: Use of a Cryptographic Primitive with a Risky Implementation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T17:24:51.723Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA23P019_Automation_Studio_Upgrade_Service_uses_insufficient_encryption.pdf-1b3b181c.pdf"
}
],
"source": {
"advisory": "2023-P019",
"discovery": "INTERNAL"
},
"title": "B\u0026R products use insufficient communication encryption",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-0220",
"datePublished": "2024-02-22T10:15:44.750Z",
"dateReserved": "2024-01-03T15:46:41.224Z",
"dateUpdated": "2024-09-19T17:24:51.723Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6028 (GCVE-0-2023-6028)
Vulnerability from nvd – Published: 2024-02-05 17:33 – Updated: 2024-08-02 08:21
VLAI
EPSS
VEX
Title
SDM Web interface vulnerable to XSS
Summary
A reflected
cross-site scripting (XSS) vulnerability exists in the SVG version of System
Diagnostics Manager of B&R Automation Runtime versions <= G4.93 that
enables a remote attacker to execute arbitrary JavaScript code in the context
of the attacked user’s browser session.
Severity
6.1 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | Automation Runtime |
Affected:
14.0 , < 14.93
(patch)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6028",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-07T18:48:50.631233Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:17:03.877Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:21:17.060Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.br-automation.com/fileadmin/SA23P018_SDM_Web_interface_vulnerable_to_XSS-1d75bee8.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"SDM"
],
"product": "Automation Runtime",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "14.93",
"status": "affected",
"version": "14.0",
"versionType": "patch"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA reflected\ncross-site scripting (XSS) vulnerability exists in the SVG version of System\nDiagnostics Manager of B\u0026amp;R Automation Runtime versions \u0026lt;= G4.93 that\nenables a remote attacker to execute arbitrary JavaScript code in the context\nof the attacked user\u2019s browser session.\u003c/p\u003e\n\n\n\n\n\n"
}
],
"value": "A reflected\ncross-site scripting (XSS) vulnerability exists in the SVG version of System\nDiagnostics Manager of B\u0026R Automation Runtime versions \u003c= G4.93 that\nenables a remote attacker to execute arbitrary JavaScript code in the context\nof the attacked user\u2019s browser session.\n\n\n\n\n\n\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-06T13:54:25.416Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA23P018_SDM_Web_interface_vulnerable_to_XSS-1d75bee8.pdf"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An update is available that resolves a vulnerability in the product versions listed above."
}
],
"value": "An update is available that resolves a vulnerability in the product versions listed above."
}
],
"source": {
"advisory": "SA23P018",
"discovery": "INTERNAL"
},
"title": "SDM Web interface vulnerable to XSS",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eDo not use Hyperlinks provided by untrusted 3rd party to access the SDM. Hyperlinks may be provided via:\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eEmails from unknown users\u003c/li\u003e\u003cli\u003eSocial media channels\u003c/li\u003e\u003cli\u003eMessaging services\u003c/li\u003e\u003cli\u003eWebpages with comment functionality\u003c/li\u003e\u003cli\u003eQR Codes\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eThe use of external Web Application Firewalls (WAF) can mitigate attacks using reflected cross-site scripting.\u003c/p\u003e"
}
],
"value": "\nDo not use Hyperlinks provided by untrusted 3rd party to access the SDM. Hyperlinks may be provided via:\n\n\n\n * Emails from unknown users\n * Social media channels\n * Messaging services\n * Webpages with comment functionality\n * QR Codes\n\n\n\n\nThe use of external Web Application Firewalls (WAF) can mitigate attacks using reflected cross-site scripting.\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2023-6028",
"datePublished": "2024-02-05T17:33:34.785Z",
"dateReserved": "2023-11-08T10:17:50.175Z",
"dateUpdated": "2024-08-02T08:21:17.060Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-3450 (GCVE-0-2025-3450)
Vulnerability from cvelistv5 – Published: 2025-10-07 18:03 – Updated: 2025-10-08 10:53
VLAI
EPSS
VEX
Title
Automation Runtime SDM requests may impact system
Summary
An Improper Resource Locking vulnerability in the SDM component of B&R Automation Runtime versions before 6.3 and before Q4.93 may allow an unauthenticated network-based attacker to delete data causing denial of service conditions.
Severity
10 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-413 - Improper Resource Locking
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | Automation Runtime |
Affected:
6.0 , < 6.3
(custom)
Affected: 4.0 , < Q4.93 (custom) |
Date Public
2025-10-07 00:30
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3450",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-07T19:53:23.114501Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-07T19:53:53.464Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Automation Runtime",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "6.3",
"status": "affected",
"version": "6.0",
"versionType": "custom"
},
{
"lessThan": "Q4.93",
"status": "affected",
"version": "4.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-10-07T00:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Improper Resource Locking vulnerability in the SDM component of B\u0026amp;R Automation Runtime versions before 6.3 and before Q4.93 may allow an unauthenticated network-based attacker to delete data causing denial of service conditions.\n\n\u003cp\u003e\u003c/p\u003e"
}
],
"value": "An Improper Resource Locking vulnerability in the SDM component of B\u0026R Automation Runtime versions before 6.3 and before Q4.93 may allow an unauthenticated network-based attacker to delete data causing denial of service conditions."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-413",
"description": "CWE-413 Improper Resource Locking",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-08T10:53:31.397Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA25P002-f6a69e61.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Automation Runtime SDM requests may impact system",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2025-3450",
"datePublished": "2025-10-07T18:03:53.869Z",
"dateReserved": "2025-04-08T14:10:02.547Z",
"dateUpdated": "2025-10-08T10:53:31.397Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-45482 (GCVE-0-2024-45482)
Vulnerability from cvelistv5 – Published: 2025-03-25 04:52 – Updated: 2025-03-25 14:23
VLAI
EPSS
VEX
Title
Privilege escalation in B&R APROL
Summary
An Inclusion of Functionality from Untrusted Control Sphere vulnerability in the SSH server on B&R APROL <4.4-00P1 may allow an authenticated local attacker from a trusted remote server to execute malicious commands.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-829 - Inclusion of Functionality from Untrusted Control Sphere
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | B&R APROL |
Affected:
R4.4 , < 4.4-00P1
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-45482",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-25T14:23:37.210058Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-25T14:23:53.190Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"SSH server"
],
"product": "B\u0026R APROL",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "4.4-00P1",
"status": "affected",
"version": "R4.4",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Inclusion of Functionality from Untrusted Control Sphere vulnerability in the SSH server on B\u0026amp;R APROL \u0026lt;4.4-00P1 may allow an authenticated local attacker from a trusted remote server to execute malicious commands.\u003cbr\u003e"
}
],
"value": "An Inclusion of Functionality from Untrusted Control Sphere vulnerability in the SSH server on B\u0026R APROL \u003c4.4-00P1 may allow an authenticated local attacker from a trusted remote server to execute malicious commands."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-829",
"description": "CWE-829: Inclusion of Functionality from Untrusted Control Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-25T04:52:56.296Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA24P015-77573c08.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Privilege escalation in B\u0026R APROL",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-45482",
"datePublished": "2025-03-25T04:52:56.296Z",
"dateReserved": "2024-08-29T15:08:43.767Z",
"dateUpdated": "2025-03-25T14:23:53.190Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-45481 (GCVE-0-2024-45481)
Vulnerability from cvelistv5 – Published: 2025-03-25 04:52 – Updated: 2025-03-25 14:25
VLAI
EPSS
VEX
Title
Improper authentication in SSH of B&R APROL
Summary
An Incomplete Filtering of Special Elements vulnerability in scripts using the SSH server on B&R APROL <4.4-00P5 may allow an authenticated local attacker to authenticate as another legitimate user.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-791 - Incomplete Filtering of Special Elements
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | B&R APROL |
Affected:
R4.4 , < 4.4-00P5
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-45481",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-25T14:25:06.996074Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-25T14:25:20.372Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"SSH server"
],
"product": "B\u0026R APROL",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "4.4-00P5",
"status": "affected",
"version": "R4.4",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Incomplete Filtering of Special Elements vulnerability in scripts using the SSH server on B\u0026amp;R APROL \u0026lt;4.4-00P5 may allow an authenticated local attacker to authenticate as another legitimate user.\u003cbr\u003e"
}
],
"value": "An Incomplete Filtering of Special Elements vulnerability in scripts using the SSH server on B\u0026R APROL \u003c4.4-00P5 may allow an authenticated local attacker to authenticate as another legitimate user."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-791",
"description": "CWE-791: Incomplete Filtering of Special Elements",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-25T04:52:06.675Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA24P015-77573c08.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper authentication in SSH of B\u0026R APROL",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-45481",
"datePublished": "2025-03-25T04:52:06.675Z",
"dateReserved": "2024-08-29T15:08:43.767Z",
"dateUpdated": "2025-03-25T14:25:20.372Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-45480 (GCVE-0-2024-45480)
Vulnerability from cvelistv5 – Published: 2025-03-25 04:50 – Updated: 2025-03-25 14:32
VLAI
EPSS
VEX
Title
Unauthorized local file reading in B&R APROL
Summary
An improper control of generation of code ('Code Injection') vulnerability in the AprolCreateReport component of B&R APROL <4.4-00P5 may allow an unauthenticated network-based attacker to read files from the local system.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | B&R APROL |
Affected:
R4.4 , < 4.4-00P5
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-45480",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-25T14:31:39.685844Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-25T14:32:15.379Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"AprolCreateReport"
],
"product": "B\u0026R APROL",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "4.4-00P5",
"status": "affected",
"version": "R4.4",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper control of generation of code (\u0027Code Injection\u0027) vulnerability in the AprolCreateReport component of B\u0026amp;R APROL \u0026lt;4.4-00P5 may allow an unauthenticated network-based attacker to read files from the local system.\u003cbr\u003e"
}
],
"value": "An improper control of generation of code (\u0027Code Injection\u0027) vulnerability in the AprolCreateReport component of B\u0026R APROL \u003c4.4-00P5 may allow an unauthenticated network-based attacker to read files from the local system."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-25T04:50:52.976Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA24P015-77573c08.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unauthorized local file reading in B\u0026R APROL",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-45480",
"datePublished": "2025-03-25T04:50:52.976Z",
"dateReserved": "2024-08-29T15:08:43.767Z",
"dateUpdated": "2025-03-25T14:32:15.379Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8315 (GCVE-0-2024-8315)
Vulnerability from cvelistv5 – Published: 2025-03-25 04:31 – Updated: 2025-03-25 13:22
VLAI
EPSS
VEX
Title
Improper Handling of Insufficient Permissions or Privileges in B&R APROL
Summary
An Improper Handling of Insufficient Permissions or Privileges vulnerability in scripts used in B&R APROL <4.4-00P5 may allow an authenticated local attacker to read credential information.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-280 - Improper Handling of Insufficient Permissions or Privileges
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | B&R APROL |
Affected:
R4.4 , < 4.4-00P5
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8315",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-25T13:22:11.582928Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-25T13:22:20.976Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "B\u0026R APROL",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "4.4-00P5",
"status": "affected",
"version": "R4.4",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Improper Handling of Insufficient Permissions or Privileges vulnerability in scripts used in B\u0026amp;R APROL \u0026lt;4.4-00P5 may allow an authenticated local attacker to read credential information.\u003cbr\u003e"
}
],
"value": "An Improper Handling of Insufficient Permissions or Privileges vulnerability in scripts used in B\u0026R APROL \u003c4.4-00P5 may allow an authenticated local attacker to read credential information."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-280",
"description": "CWE-280: Improper Handling of Insufficient Permissions or Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-25T04:31:27.667Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA24P015-77573c08.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper Handling of Insufficient Permissions or Privileges in B\u0026R APROL",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-8315",
"datePublished": "2025-03-25T04:31:27.667Z",
"dateReserved": "2024-08-29T15:09:05.514Z",
"dateUpdated": "2025-03-25T13:22:20.976Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8603 (GCVE-0-2024-8603)
Vulnerability from cvelistv5 – Published: 2025-01-15 15:31 – Updated: 2025-01-15 15:56
VLAI
EPSS
VEX
Summary
A “Use of a Broken or Risky Cryptographic Algorithm” vulnerability in the SSL/TLS component used in B&R Automation Runtime versions before 6.1 and B&R mapp View versions before 6.1 may be abused by unauthenticated network-based attackers to masquerade as services on impacted devices.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | Automation Runtime |
Affected:
6.0 , < 6.1
(custom)
Affected: 4.0 (custom) |
|
| B&R Industrial Automation | mapp View |
Affected:
6.0 , < 6.1
(custom)
Affected: 5.0 (custom) |
Date Public
2025-01-15 02:36
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8603",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-15T15:56:20.185680Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T15:56:30.409Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Automation Runtime",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "6.1",
"status": "affected",
"version": "6.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "mapp View",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "6.1",
"status": "affected",
"version": "6.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "5.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-01-15T02:36:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A \u201cUse of a Broken or Risky Cryptographic Algorithm\u201d vulnerability in the SSL/TLS component used in B\u0026amp;R Automation Runtime versions before 6.1 and B\u0026amp;R mapp View versions before 6.1 may be abused by unauthenticated network-based attackers to masquerade as services on impacted devices.\u003cbr\u003e"
}
],
"value": "A \u201cUse of a Broken or Risky Cryptographic Algorithm\u201d vulnerability in the SSL/TLS component used in B\u0026R Automation Runtime versions before 6.1 and B\u0026R mapp View versions before 6.1 may be abused by unauthenticated network-based attackers to masquerade as services on impacted devices."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-327",
"description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T15:31:01.195Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA25P001-c478fad6.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-8603",
"datePublished": "2025-01-15T15:31:01.195Z",
"dateReserved": "2024-09-09T09:19:20.885Z",
"dateUpdated": "2025-01-15T15:56:30.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5624 (GCVE-0-2024-5624)
Vulnerability from cvelistv5 – Published: 2024-08-29 08:53 – Updated: 2024-08-29 13:40
VLAI
EPSS
VEX
Title
Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B&R APROL
Summary
Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B&R APROL <= R 4.4-00P3 may allow a network-based attacker to execute arbitrary JavaScript code in the context of the user's browser session
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | B&R APROL |
Affected:
0 , ≤ <= R 4.4-00P3
(custom)
|
Date Public
2024-08-29 08:51
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5624",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-29T13:40:19.780879Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T13:40:31.563Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Shift Logbook"
],
"product": "B\u0026R APROL",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThanOrEqual": "\u003c= R 4.4-00P3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-08-29T08:51:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B\u0026amp;R APROL \u0026lt;= R 4.4-00P3 may allow a network-based attacker to execute arbitrary JavaScript code in the context of the user\u0027s browser session"
}
],
"value": "Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B\u0026R APROL \u003c= R 4.4-00P3 may allow a network-based attacker to execute arbitrary JavaScript code in the context of the user\u0027s browser session"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T08:53:06.058Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA24P2014_Multiple_vulnerabilities_in_BR_APROL.pdf-367290ae.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B\u0026R APROL",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-5624",
"datePublished": "2024-08-29T08:53:06.058Z",
"dateReserved": "2024-06-04T08:28:17.633Z",
"dateUpdated": "2024-08-29T13:40:31.563Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5623 (GCVE-0-2024-5623)
Vulnerability from cvelistv5 – Published: 2024-08-29 08:51 – Updated: 2024-08-29 13:46
VLAI
EPSS
VEX
Title
Untrusted search path vulnerability in B&R APROL
Summary
An untrusted search path vulnerability in B&R APROL <= R 4.4-00P3 may be used by an authenticated local attacker to get other users to execute arbitrary code under their privileges.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | B&R APROL |
Affected:
0 , ≤ <= R 4.4-00P3
(custom)
|
|
| br-automation | industrial_automation_aprol |
Affected:
0 , ≤ r4.4-00p3
(custom)
cpe:2.3:a:br-automation:industrial_automation_aprol:*:*:*:*:*:*:*:* |
Date Public
2024-08-29 08:50
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:br-automation:industrial_automation_aprol:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "industrial_automation_aprol",
"vendor": "br-automation",
"versions": [
{
"lessThanOrEqual": "r4.4-00p3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5623",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-29T13:41:36.809403Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T13:46:16.304Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "B\u0026R APROL",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThanOrEqual": "\u003c= R 4.4-00P3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-08-29T08:50:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An untrusted search path vulnerability in B\u0026amp;R APROL \u0026lt;= R 4.4-00P3 may be used by an authenticated local attacker to get other users to execute arbitrary code under their privileges."
}
],
"value": "An untrusted search path vulnerability in B\u0026R APROL \u003c= R 4.4-00P3 may be used by an authenticated local attacker to get other users to execute arbitrary code under their privileges."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250 Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-267",
"description": "CWE-267 Privilege Defined With Unsafe Actions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T08:51:26.052Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA24P2014_Multiple_vulnerabilities_in_BR_APROL.pdf-367290ae.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Untrusted search path vulnerability in B\u0026R APROL",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-5623",
"datePublished": "2024-08-29T08:51:26.052Z",
"dateReserved": "2024-06-04T08:28:15.984Z",
"dateUpdated": "2024-08-29T13:46:16.304Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5622 (GCVE-0-2024-5622)
Vulnerability from cvelistv5 – Published: 2024-08-29 08:49 – Updated: 2024-08-29 13:29
VLAI
EPSS
VEX
Title
Untrusted search path vulnerability in the AprolConfigureCCServices of B&R APROL
Summary
An untrusted search path vulnerability in the AprolConfigureCCServices of B&R APROL <= R 4.2.-07P3 and <= R 4.4-00P3 may allow an authenticated local attacker to execute arbitrary code with elevated privileges.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | B&R APROL |
Affected:
0 , ≤ <= R 4.2-07P3
(custom)
Affected: 0 , ≤ <= R 4.4-00P3 (custom) |
|
| b_and_r_industrial_automotion | b_and_r_aprol |
Affected:
0 , ≤ R 4.2-07P3
(custom)
Affected: 0 , ≤ R 4.4-00P3 (custom) cpe:2.3:a:b_and_r_industrial_automotion:b_and_r_aprol:*:*:*:*:*:*:*:* |
Date Public
2024-08-29 08:40
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:b_and_r_industrial_automotion:b_and_r_aprol:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "b_and_r_aprol",
"vendor": "b_and_r_industrial_automotion",
"versions": [
{
"lessThanOrEqual": "R 4.2-07P3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "R 4.4-00P3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5622",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-29T13:21:46.036564Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T13:29:24.311Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"AprolConfigureCCServices"
],
"product": "B\u0026R APROL",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThanOrEqual": "\u003c= R 4.2-07P3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "\u003c= R 4.4-00P3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-08-29T08:40:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An untrusted search path vulnerability in the AprolConfigureCCServices of B\u0026amp;R APROL \u0026lt;= R 4.2.-07P3 and \u0026lt;= R 4.4-00P3 may allow an authenticated local attacker to execute arbitrary code with elevated privileges."
}
],
"value": "An untrusted search path vulnerability in the AprolConfigureCCServices of B\u0026R APROL \u003c= R 4.2.-07P3 and \u003c= R 4.4-00P3 may allow an authenticated local attacker to execute arbitrary code with elevated privileges."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250 Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-267",
"description": "CWE-267 Privilege Defined With Unsafe Actions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T08:49:48.300Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA24P2014_Multiple_vulnerabilities_in_BR_APROL.pdf-367290ae.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Untrusted search path vulnerability in the AprolConfigureCCServices of B\u0026R APROL",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-5622",
"datePublished": "2024-08-29T08:49:48.300Z",
"dateReserved": "2024-06-04T08:28:13.545Z",
"dateUpdated": "2024-08-29T13:29:24.311Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5801 (GCVE-0-2024-5801)
Vulnerability from cvelistv5 – Published: 2024-08-10 03:52 – Updated: 2024-08-12 14:44
VLAI
EPSS
VEX
Title
IP Forwarding enabled in B&R Automation Runtime
Summary
Enabled IP Forwarding feature in B&R Automation Runtime versions before 6.0.2 may allow remote attack-ers to compromise network security by routing IP-based packets through the host, potentially by-passing firewall, router, or NAC filtering.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | Automation Runtime |
Affected:
0 , < 6.0
(custom)
|
Date Public
2024-08-09 03:50
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5801",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-12T14:15:53.905942Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T14:44:00.687Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Automation Runtime",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"changes": [
{
"at": "6.0.2",
"status": "unaffected"
}
],
"lessThan": "6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-08-09T03:50:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Enabled IP Forwarding feature in B\u0026R Automation Runtime versions before 6.0.2 may allow remote attack-ers to compromise network security by routing IP-based packets through the host, potentially by-passing firewall, router, or NAC filtering."
}
],
"value": "Enabled IP Forwarding feature in B\u0026R Automation Runtime versions before 6.0.2 may allow remote attack-ers to compromise network security by routing IP-based packets through the host, potentially by-passing firewall, router, or NAC filtering."
}
],
"impacts": [
{
"capecId": "CAPEC-594",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-594 Traffic Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1188",
"description": "CWE-1188 Insecure Default Initialization of Resource",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-653",
"description": "CWE-653 Improper Isolation or Compartmentalization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-10T03:52:02.326Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA24P011-d8aaf02f.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IP Forwarding enabled in B\u0026R Automation Runtime",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-5801",
"datePublished": "2024-08-10T03:52:02.326Z",
"dateReserved": "2024-06-10T16:11:50.244Z",
"dateUpdated": "2024-08-12T14:44:00.687Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5800 (GCVE-0-2024-5800)
Vulnerability from cvelistv5 – Published: 2024-08-10 03:50 – Updated: 2024-08-12 14:32
VLAI
EPSS
VEX
Title
Diffie-Hellman groups with insufficient strength used in SSL/TLS stack of B&R Automation Runtime
Summary
Diffie-Hellman groups with insufficient strength are used in the SSL/TLS stack of B&R Automation Runtime versions before 6.0.2, allowing a network attacker to decrypt the SSL/TLS communication.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-326 - Inadequate Encryption Strength
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | Automation Runtime |
Affected:
0 , < 6.0.0
(custom)
|
Date Public
2024-08-09 03:43
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5800",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-12T14:32:07.188310Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T14:32:22.309Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "SSL/TLS",
"product": "Automation Runtime",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"changes": [
{
"at": "6.0.2",
"status": "unaffected"
}
],
"lessThan": "6.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-08-09T03:43:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Diffie-Hellman groups with insufficient strength are used in the SSL/TLS stack of B\u0026R Automation Runtime versions before 6.0.2, allowing a network attacker to decrypt the SSL/TLS communication."
}
],
"value": "Diffie-Hellman groups with insufficient strength are used in the SSL/TLS stack of B\u0026R Automation Runtime versions before 6.0.2, allowing a network attacker to decrypt the SSL/TLS communication."
}
],
"impacts": [
{
"capecId": "CAPEC-117",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-117 Interception"
}
]
},
{
"capecId": "CAPEC-148",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-148 Content Spoofing"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-326",
"description": "CWE-326 Inadequate Encryption Strength",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-10T03:50:02.159Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA24P011-d8aaf02f.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Diffie-Hellman groups with insufficient strength used in SSL/TLS stack of B\u0026R Automation Runtime",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-5800",
"datePublished": "2024-08-10T03:50:02.159Z",
"dateReserved": "2024-06-10T16:11:48.689Z",
"dateUpdated": "2024-08-12T14:32:22.309Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22280 (GCVE-0-2021-22280)
Vulnerability from cvelistv5 – Published: 2024-05-14 19:36 – Updated: 2024-08-03 18:37
VLAI
EPSS
VEX
Title
DLL Hijacking Vulnerability in Automation Studio
Summary
Improper DLL loading algorithms in B&R Automation Studio versions >=4.0 and <4.12 may allow an authenticated local attacker to execute code in the context of the product.
Severity
7.2 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- DLL Hijacking Vulnerability in Automation Studio
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | Automation Studio |
Affected:
0 , < 4.12
(custom)
|
|
| br-automation | automation_studio |
Affected:
4.0 , < 4.12
(custom)
cpe:2.3:a:br-automation:automation_studio:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:br-automation:automation_studio:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "automation_studio",
"vendor": "br-automation",
"versions": [
{
"lessThan": "4.12",
"status": "affected",
"version": "4.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-22280",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-16T16:04:24.321651Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-26T15:53:35.178Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.537Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.br-automation.com/fileadmin/2021-10_DLL_Hijacking_Vulnerability_in_Automation_Studio-7dd34511.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Automation Studio",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "4.12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper DLL loading algorithms in B\u0026amp;R Automation Studio versions \u0026gt;=4.0 and \u0026lt;4.12 may allow an authenticated local attacker to execute code in the context of the product.\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Improper DLL loading algorithms in B\u0026R Automation Studio versions \u003e=4.0 and \u003c4.12 may allow an authenticated local attacker to execute code in the context of the product."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DLL Hijacking Vulnerability in Automation Studio",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-27T07:33:47.854Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/2021-10_DLL_Hijacking_Vulnerability_in_Automation_Studio-7dd34511.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "DLL Hijacking Vulnerability in Automation Studio",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2021-22280",
"datePublished": "2024-05-14T19:36:51.930Z",
"dateReserved": "2021-01-05T17:31:49.080Z",
"dateUpdated": "2024-08-03T18:37:18.537Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2637 (GCVE-0-2024-2637)
Vulnerability from cvelistv5 – Published: 2024-05-14 18:49 – Updated: 2025-04-24 06:52
VLAI
EPSS
VEX
Title
Insecure Loading of Code in B&R Products
Summary
An Uncontrolled Search Path Element vulnerability in B&R Industrial Automation Scene Viewer, B&R Industrial Automation Automation Runtime, B&R Industrial Automation mapp Vision, B&R Industrial Automation mapp View, B&R Industrial Automation mapp Cockpit, B&R Industrial Automation mapp Safety, B&R Industrial Automation VC4, B&R Industrial Automation APROL, B&R Industrial Automation CAN Driver, B&R Industrial Automation CAN Driver CC770, B&R Industrial Automation CAN Driver SJA1000, B&R Industrial Automation Tou0ch Lock, B&R Industrial Automation B&R Single-Touch Driver, B&R Industrial Automation Serial User Mode Touch Driver, B&R Industrial Automation Windows Settings Changer (LTSC), B&R Industrial Automation Windows Settings Changer (2019 LTSC), B&R Industrial Automation Windows 10 Recovery Solution, B&R Industrial Automation ADI driver universal, B&R Industrial Automation ADI Development Kit, B&R Industrial Automation ADI .NET SDK, B&R Industrial Automation SRAM driver, B&R Industrial Automation HMI Service Center, B&R Industrial Automation HMI Service Center Maintenance, B&R Industrial Automation Windows 10 IoT Enterprise 2019 LTSC, B&R Industrial Automation KCF Editor could allow an authenticated local attacker to execute malicious code by placing specially crafted files in the loading search path..This issue affects Scene Viewer: before 4.4.0; Automation Runtime: before J4.93; mapp Vision: before 5.26.1; mapp View: before 5.24.2; mapp Cockpit: before 5.24.2; mapp Safety: before 5.24.2; VC4: before 4.73.2; APROL: before 4.4-01; CAN Driver: before 1.1.0; CAN Driver CC770: before 3.3.0; CAN Driver SJA1000: before 1.3.0; Tou0ch Lock: before 2.1.0; B&R Single-Touch Driver: before 2.0.0; Serial User Mode Touch Driver: before 1.7.1; Windows Settings Changer (LTSC): before 3.2.0; Windows Settings Changer (2019 LTSC): before 2.2.0; Windows 10 Recovery Solution: before 3.2.0; ADI driver universal: before 3.2.0; ADI Development Kit: before 5.5.0; ADI .NET SDK: before 4.1.0; SRAM driver: before 1.2.0; HMI Service Center: before 3.1.0; HMI Service Center Maintenance: before 2.1.0; Windows 10 IoT Enterprise 2019 LTSC: through 1.1; KCF Editor: before 1.1.0.
Severity
7.2 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-427 - Uncontrolled Search Path Element
Assigner
References
1 reference
Impacted products
31 products
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | Scene Viewer |
Affected:
0 , < 4.4.0
(custom)
|
|
| B&R Industrial Automation | Automation Runtime |
Affected:
0 , < J4.93
(custom)
|
|
| B&R Industrial Automation | mapp Vision |
Affected:
0 , < 5.26.1
(custom)
|
|
| B&R Industrial Automation | mapp View |
Affected:
0 , < 5.24.2
(custom)
|
|
| B&R Industrial Automation | mapp Cockpit |
Affected:
0 , < 5.24.2
(custom)
|
|
| B&R Industrial Automation | mapp Safety |
Affected:
0 , < 5.24.2
(custom)
|
|
| B&R Industrial Automation | VC4 |
Affected:
0 , < 4.73.2
(custom)
|
|
| B&R Industrial Automation | APROL |
Affected:
0 , < 4.4-01
(custom)
|
|
| B&R Industrial Automation | CAN Driver |
Affected:
0 , < 1.1.0
(custom)
|
|
| B&R Industrial Automation | CAN Driver CC770 |
Affected:
0 , < 3.3.0
(custom)
|
|
| B&R Industrial Automation | CAN Driver SJA1000 |
Affected:
0 , < 1.3.0
(custom)
|
|
| B&R Industrial Automation | Tou0ch Lock |
Affected:
0 , < 2.1.0
(custom)
|
|
| B&R Industrial Automation | B&R Single-Touch Driver |
Affected:
0 , < 2.0.0
(custom)
|
|
| B&R Industrial Automation | Serial User Mode Touch Driver |
Affected:
0 , < 1.7.1
(custom)
|
|
| B&R Industrial Automation | Windows Settings Changer (LTSC) |
Affected:
0 , < 3.2.0
(custom)
|
|
| B&R Industrial Automation | Windows Settings Changer (2019 LTSC) |
Affected:
0 , < 2.2.0
(custom)
|
|
| B&R Industrial Automation | Windows 10 Recovery Solution |
Affected:
0 , < 3.2.0
(custom)
|
|
| B&R Industrial Automation | ADI driver universal |
Affected:
0 , < 3.2.0
(custom)
|
|
| B&R Industrial Automation | ADI Development Kit |
Affected:
0 , < 5.5.0
(custom)
|
|
| B&R Industrial Automation | ADI .NET SDK |
Affected:
0 , < 4.1.0
(custom)
|
|
| B&R Industrial Automation | SRAM driver |
Affected:
0 , < 1.2.0
(custom)
|
|
| B&R Industrial Automation | HMI Service Center |
Affected:
0 , < 3.1.0
(custom)
|
|
| B&R Industrial Automation | HMI Service Center Maintenance |
Affected:
0 , < 2.1.0
(custom)
|
|
| B&R Industrial Automation | Windows 10 IoT Enterprise 2019 LTSC |
Affected:
0 , ≤ 1.1
(custom)
|
|
| B&R Industrial Automation | KCF Editor |
Affected:
0 , < 1.1.0
(custom)
|
|
| br-automation | scene_viewer |
Affected:
0 , < 4.4.0
(custom)
cpe:2.3:a:br-automation:scene_viewer:*:*:*:*:*:*:*:* |
|
| br-automation | automation_runtime |
Affected:
0 , < j4.93
(custom)
cpe:2.3:a:br-automation:automation_runtime:*:*:*:*:*:*:*:* |
|
| br-automation | mapp_vision |
Affected:
0 , < 5.26.1
(custom)
cpe:2.3:a:br-automation:mapp_vision:*:*:*:*:*:*:*:* |
|
| br-automation | mapp_view |
Affected:
0 , < 5.24.2
(custom)
cpe:2.3:a:br-automation:mapp_view:*:*:*:*:*:*:*:* |
|
| br-automation | mapp_cockpit |
Affected:
0 , < 5.24.2
(custom)
cpe:2.3:a:br-automation:mapp_cockpit:*:*:*:*:*:*:*:* |
|
| br-automation | vc4 |
Affected:
0 , < 4.73.2
(custom)
cpe:2.3:a:br-automation:vc4:*:*:*:*:*:*:*:* |
Date Public
2025-04-02 18:50
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:br-automation:scene_viewer:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scene_viewer",
"vendor": "br-automation",
"versions": [
{
"lessThan": "4.4.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:br-automation:automation_runtime:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "automation_runtime",
"vendor": "br-automation",
"versions": [
{
"lessThan": "j4.93",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:br-automation:mapp_vision:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mapp_vision",
"vendor": "br-automation",
"versions": [
{
"lessThan": "5.26.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:br-automation:mapp_view:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mapp_view",
"vendor": "br-automation",
"versions": [
{
"lessThan": "5.24.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:br-automation:mapp_cockpit:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mapp_cockpit",
"vendor": "br-automation",
"versions": [
{
"lessThan": "5.24.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:br-automation:vc4:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vc4",
"vendor": "br-automation",
"versions": [
{
"lessThan": "4.73.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2637",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-14T19:33:12.195778Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T14:56:12.677Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:18:48.124Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.br-automation.com/fileadmin/SA24P005_Insecure_Loading_of_Code-c7d9e49c.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Scene Viewer",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "4.4.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Automation Runtime",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "J4.93",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "mapp Vision",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "5.26.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "mapp View",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "5.24.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "mapp Cockpit",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "5.24.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "mapp Safety",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "5.24.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VC4",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "4.73.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "APROL",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "4.4-01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CAN Driver",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "1.1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CAN Driver CC770",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "3.3.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CAN Driver SJA1000",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "1.3.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Tou0ch Lock",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "2.1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "B\u0026R Single-Touch Driver",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "2.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Serial User Mode Touch Driver",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "1.7.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Windows Settings Changer (LTSC)",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "3.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Windows Settings Changer (2019 LTSC)",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "2.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Windows 10 Recovery Solution",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "3.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ADI driver universal",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "3.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ADI Development Kit",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "5.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ADI .NET SDK",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "4.1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SRAM driver",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "1.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HMI Service Center",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "3.1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HMI Service Center Maintenance",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "2.1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Windows 10 IoT Enterprise 2019 LTSC",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThanOrEqual": "1.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "KCF Editor",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "1.1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-04-02T18:50:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Uncontrolled Search Path Element vulnerability\u0026nbsp;in B\u0026amp;R Industrial Automation Scene Viewer, B\u0026amp;R Industrial Automation Automation Runtime, B\u0026amp;R Industrial Automation mapp Vision, B\u0026amp;R Industrial Automation mapp View, B\u0026amp;R Industrial Automation mapp Cockpit, B\u0026amp;R Industrial Automation mapp Safety, B\u0026amp;R Industrial Automation VC4, B\u0026amp;R Industrial Automation APROL, B\u0026amp;R Industrial Automation CAN Driver, B\u0026amp;R Industrial Automation CAN Driver CC770, B\u0026amp;R Industrial Automation CAN Driver SJA1000, B\u0026amp;R Industrial Automation Tou0ch Lock, B\u0026amp;R Industrial Automation B\u0026amp;R Single-Touch Driver, B\u0026amp;R Industrial Automation Serial User Mode Touch Driver, B\u0026amp;R Industrial Automation Windows Settings Changer (LTSC), B\u0026amp;R Industrial Automation Windows Settings Changer (2019 LTSC), B\u0026amp;R Industrial Automation Windows 10 Recovery Solution, B\u0026amp;R Industrial Automation ADI driver universal, B\u0026amp;R Industrial Automation ADI Development Kit, B\u0026amp;R Industrial Automation ADI .NET SDK, B\u0026amp;R Industrial Automation SRAM driver, B\u0026amp;R Industrial Automation HMI Service Center, B\u0026amp;R Industrial Automation HMI Service Center Maintenance, B\u0026amp;R Industrial Automation Windows 10 IoT Enterprise 2019 LTSC, B\u0026amp;R Industrial Automation KCF Editor could allow an authenticated local attacker to execute malicious code by placing specially crafted files in the loading search path..\u003cp\u003eThis issue affects Scene Viewer: before 4.4.0; Automation Runtime: before J4.93; mapp Vision: before 5.26.1; mapp View: before 5.24.2; mapp Cockpit: before 5.24.2; mapp Safety: before 5.24.2; VC4: before 4.73.2; APROL: before 4.4-01; CAN Driver: before 1.1.0; CAN Driver CC770: before 3.3.0; CAN Driver SJA1000: before 1.3.0; Tou0ch Lock: before 2.1.0; B\u0026amp;R Single-Touch Driver: before 2.0.0; Serial User Mode Touch Driver: before 1.7.1; Windows Settings Changer (LTSC): before 3.2.0; Windows Settings Changer (2019 LTSC): before 2.2.0; Windows 10 Recovery Solution: before 3.2.0; ADI driver universal: before 3.2.0; ADI Development Kit: before 5.5.0; ADI .NET SDK: before 4.1.0; SRAM driver: before 1.2.0; HMI Service Center: before 3.1.0; HMI Service Center Maintenance: before 2.1.0; Windows 10 IoT Enterprise 2019 LTSC: through 1.1; KCF Editor: before 1.1.0.\u003c/p\u003e"
}
],
"value": "An Uncontrolled Search Path Element vulnerability\u00a0in B\u0026R Industrial Automation Scene Viewer, B\u0026R Industrial Automation Automation Runtime, B\u0026R Industrial Automation mapp Vision, B\u0026R Industrial Automation mapp View, B\u0026R Industrial Automation mapp Cockpit, B\u0026R Industrial Automation mapp Safety, B\u0026R Industrial Automation VC4, B\u0026R Industrial Automation APROL, B\u0026R Industrial Automation CAN Driver, B\u0026R Industrial Automation CAN Driver CC770, B\u0026R Industrial Automation CAN Driver SJA1000, B\u0026R Industrial Automation Tou0ch Lock, B\u0026R Industrial Automation B\u0026R Single-Touch Driver, B\u0026R Industrial Automation Serial User Mode Touch Driver, B\u0026R Industrial Automation Windows Settings Changer (LTSC), B\u0026R Industrial Automation Windows Settings Changer (2019 LTSC), B\u0026R Industrial Automation Windows 10 Recovery Solution, B\u0026R Industrial Automation ADI driver universal, B\u0026R Industrial Automation ADI Development Kit, B\u0026R Industrial Automation ADI .NET SDK, B\u0026R Industrial Automation SRAM driver, B\u0026R Industrial Automation HMI Service Center, B\u0026R Industrial Automation HMI Service Center Maintenance, B\u0026R Industrial Automation Windows 10 IoT Enterprise 2019 LTSC, B\u0026R Industrial Automation KCF Editor could allow an authenticated local attacker to execute malicious code by placing specially crafted files in the loading search path..This issue affects Scene Viewer: before 4.4.0; Automation Runtime: before J4.93; mapp Vision: before 5.26.1; mapp View: before 5.24.2; mapp Cockpit: before 5.24.2; mapp Safety: before 5.24.2; VC4: before 4.73.2; APROL: before 4.4-01; CAN Driver: before 1.1.0; CAN Driver CC770: before 3.3.0; CAN Driver SJA1000: before 1.3.0; Tou0ch Lock: before 2.1.0; B\u0026R Single-Touch Driver: before 2.0.0; Serial User Mode Touch Driver: before 1.7.1; Windows Settings Changer (LTSC): before 3.2.0; Windows Settings Changer (2019 LTSC): before 2.2.0; Windows 10 Recovery Solution: before 3.2.0; ADI driver universal: before 3.2.0; ADI Development Kit: before 5.5.0; ADI .NET SDK: before 4.1.0; SRAM driver: before 1.2.0; HMI Service Center: before 3.1.0; HMI Service Center Maintenance: before 2.1.0; Windows 10 IoT Enterprise 2019 LTSC: through 1.1; KCF Editor: before 1.1.0."
}
],
"impacts": [
{
"capecId": "CAPEC-641",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-641 DLL Side-Loading"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-24T06:52:46.092Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA24P005_Insecure_Loading_of_Code-c7d9e49c.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Insecure Loading of Code in B\u0026R Products",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-2637",
"datePublished": "2024-05-14T18:49:28.624Z",
"dateReserved": "2024-03-19T08:15:24.368Z",
"dateUpdated": "2025-04-24T06:52:46.092Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0220 (GCVE-0-2024-0220)
Vulnerability from cvelistv5 – Published: 2024-02-22 10:15 – Updated: 2024-09-19 17:24
VLAI
EPSS
VEX
Title
B&R products use insufficient communication encryption
Summary
B&R Automation Studio Upgrade Service and B&R Technology Guarding use insufficient cryptography for communication to the upgrade and the licensing servers. A network-based attacker could exploit the vulnerability to execute arbitrary code on the products or sniff sensitive data.
Severity
8.3 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | Automation Studio |
Affected:
4.0 , < 4.6
(patch)
|
|
| B&R Industrial Automation | Technology Guarding |
Affected:
1.0.0 , < 1.4.0
(patch)
|
|
| br-automation | automation_studio |
Affected:
4.0 , < 4.6
(custom)
cpe:2.3:a:br-automation:automation_studio:*:*:*:*:*:*:*:* |
Date Public
2024-02-22 10:10
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:15.976Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.br-automation.com/fileadmin/SA23P019_Automation_Studio_Upgrade_Service_uses_insufficient_encryption.pdf-1b3b181c.pdf"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:br-automation:automation_studio:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "automation_studio",
"vendor": "br-automation",
"versions": [
{
"lessThan": "4.6",
"status": "affected",
"version": "4.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0220",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-22T16:23:26.378691Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T16:52:09.908Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Upgrade Service"
],
"product": "Automation Studio",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "4.6",
"status": "affected",
"version": "4.0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Technology Guarding",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "1.4.0",
"status": "affected",
"version": "1.0.0",
"versionType": "patch"
}
]
}
],
"datePublic": "2024-02-22T10:10:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "B\u0026amp;R Automation Studio Upgrade Service and B\u0026amp;R Technology Guarding use insufficient cryptography for communication to the upgrade and the licensing servers. A network-based attacker could exploit the vulnerability to execute arbitrary code on the products or sniff sensitive data.\n\n\u003cbr\u003e"
}
],
"value": "B\u0026R Automation Studio Upgrade Service and B\u0026R Technology Guarding use insufficient cryptography for communication to the upgrade and the licensing servers. A network-based attacker could exploit the vulnerability to execute arbitrary code on the products or sniff sensitive data."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1240",
"description": "CWE-1240: Use of a Cryptographic Primitive with a Risky Implementation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T17:24:51.723Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA23P019_Automation_Studio_Upgrade_Service_uses_insufficient_encryption.pdf-1b3b181c.pdf"
}
],
"source": {
"advisory": "2023-P019",
"discovery": "INTERNAL"
},
"title": "B\u0026R products use insufficient communication encryption",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-0220",
"datePublished": "2024-02-22T10:15:44.750Z",
"dateReserved": "2024-01-03T15:46:41.224Z",
"dateUpdated": "2024-09-19T17:24:51.723Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6028 (GCVE-0-2023-6028)
Vulnerability from cvelistv5 – Published: 2024-02-05 17:33 – Updated: 2024-08-02 08:21
VLAI
EPSS
VEX
Title
SDM Web interface vulnerable to XSS
Summary
A reflected
cross-site scripting (XSS) vulnerability exists in the SVG version of System
Diagnostics Manager of B&R Automation Runtime versions <= G4.93 that
enables a remote attacker to execute arbitrary JavaScript code in the context
of the attacked user’s browser session.
Severity
6.1 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | Automation Runtime |
Affected:
14.0 , < 14.93
(patch)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6028",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-07T18:48:50.631233Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:17:03.877Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:21:17.060Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.br-automation.com/fileadmin/SA23P018_SDM_Web_interface_vulnerable_to_XSS-1d75bee8.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"SDM"
],
"product": "Automation Runtime",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "14.93",
"status": "affected",
"version": "14.0",
"versionType": "patch"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA reflected\ncross-site scripting (XSS) vulnerability exists in the SVG version of System\nDiagnostics Manager of B\u0026amp;R Automation Runtime versions \u0026lt;= G4.93 that\nenables a remote attacker to execute arbitrary JavaScript code in the context\nof the attacked user\u2019s browser session.\u003c/p\u003e\n\n\n\n\n\n"
}
],
"value": "A reflected\ncross-site scripting (XSS) vulnerability exists in the SVG version of System\nDiagnostics Manager of B\u0026R Automation Runtime versions \u003c= G4.93 that\nenables a remote attacker to execute arbitrary JavaScript code in the context\nof the attacked user\u2019s browser session.\n\n\n\n\n\n\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-06T13:54:25.416Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA23P018_SDM_Web_interface_vulnerable_to_XSS-1d75bee8.pdf"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An update is available that resolves a vulnerability in the product versions listed above."
}
],
"value": "An update is available that resolves a vulnerability in the product versions listed above."
}
],
"source": {
"advisory": "SA23P018",
"discovery": "INTERNAL"
},
"title": "SDM Web interface vulnerable to XSS",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eDo not use Hyperlinks provided by untrusted 3rd party to access the SDM. Hyperlinks may be provided via:\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eEmails from unknown users\u003c/li\u003e\u003cli\u003eSocial media channels\u003c/li\u003e\u003cli\u003eMessaging services\u003c/li\u003e\u003cli\u003eWebpages with comment functionality\u003c/li\u003e\u003cli\u003eQR Codes\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eThe use of external Web Application Firewalls (WAF) can mitigate attacks using reflected cross-site scripting.\u003c/p\u003e"
}
],
"value": "\nDo not use Hyperlinks provided by untrusted 3rd party to access the SDM. Hyperlinks may be provided via:\n\n\n\n * Emails from unknown users\n * Social media channels\n * Messaging services\n * Webpages with comment functionality\n * QR Codes\n\n\n\n\nThe use of external Web Application Firewalls (WAF) can mitigate attacks using reflected cross-site scripting.\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2023-6028",
"datePublished": "2024-02-05T17:33:34.785Z",
"dateReserved": "2023-11-08T10:17:50.175Z",
"dateUpdated": "2024-08-02T08:21:17.060Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}