B&R Automation Studio Upgrade Service and B&R Technology Guarding use insufficient cryptography for communication to the upgrade and the licensing servers. A network-based attacker could exploit the vulnerability to execute arbitrary code on the products or sniff sensitive data.
oryginał ENCVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:HBr Automation Automation Studio
APPBr-Automation< 4.6Br Automation Technology Guarding
APPBr-Automation< 1.4.0
Powiązane podatności
An authentication weakness in the SNMP service in B&R Automation Runtime versions 2.96, 3.00, 3.01, 3.06 to 3....
Improper DLL loading algorithms in B&R Automation Studio versions >=4.0 and <4.12 may allow an authenticated l...
Improper Control of Generation of Code ('Code Injection') vulnerability in B&R Industrial Automation Automatio...
Incorrect Permission Assignment for Critical Resource vulnerability in B&R Industrial Automation Automation St...
Unquoted Search Path or Element vulnerability in B&R Industrial Automation Automation Studio, B&R Industrial A...