Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
br-automation automation studio vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2021-22281
: Relative Path Traversal vulnerability in B&R Industrial Automation Automation Studio allows Relative Path Traversal.This issue affects Automation Studio: from 4.0 up to and including 4.12.
Br-automation Automation Studio
NA
CVE-2020-24682
Unquoted Search Path or Element vulnerability in B&R Industrial Automation Automation Studio, B&R Industrial Automation NET/PVI allows Target Programs with Elevated Privileges.This issue affects Automation Studio: from 4.0 up to and including 4.6, from 4.7.0 prior to 4.7....
Br-automation Automation Studio
Br-automation Automation Net\\/pvi
NA
CVE-2020-24681
Incorrect Permission Assignment for Critical Resource vulnerability in B&R Industrial Automation Automation Studio allows Privilege Escalation.This issue affects Automation Studio: from 4.6.0 up to and including 4.6.X, from 4.7.0 prior to 4.7.7 SP, from 4.8.0 prior to 4.8.6 S...
Br-automation Automation Studio
NA
CVE-2021-22282
Improper Control of Generation of Code ('Code Injection') vulnerability in B&R Industrial Automation Automation Studio allows Local Execution of Code.This issue affects Automation Studio: from 4.0 up to and including 4.12.
Br-automation Automation Studio
NA
CVE-2021-22289
Improper Input Validation vulnerability in the project upload mechanism in B&R Automation Studio version >=4.0 may allow an unauthenticated network malicious user to execute code.
Br-automation Studio
3.6
CVSSv2
CVE-2019-19100
A privilege escalation vulnerability in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x, 4.2.x, < 4.3.11SP, < 4.4.9SP, < 4.5.4SP, <. 4.6.3SP, < 4.7.2 and < 4.8.1 allow authenticated users to delete arbitrary files via an exposed interface.
Br-automation Automation Studio
Br-automation Automation Studio 4.8
4.3
CVSSv2
CVE-2019-19101
A missing secure communication definition and an incomplete TLS validation in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x, 4.2.x, < 4.3.11SP, < 4.4.9SP, < 4.5.5SP, < 4.6.4 and < 4.7.2 enable unauthenticated users to perform MITM attacks v...
Br-automation Automation Studio
5
CVSSv2
CVE-2019-19102
A directory traversal vulnerability in SharpZipLib used in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x and 4.2.x allow unauthenticated users to write to certain local directories. The vulnerability is also known as zip slip.
Br-automation Automation Studio
7.5
CVSSv2
CVE-2019-19108
An authentication weakness in the SNMP service in B&R Automation Runtime versions 2.96, 3.00, 3.01, 3.06 to 3.10, 4.00 to 4.63, 4.72 and above allows unauthenticated users to modify the configuration of B&R products via SNMP.
Br-automation Automation Runtime 2.96
Br-automation Automation Runtime 3.00
Br-automation Automation Runtime 3.01
Br-automation Automation Runtime 3.06
Br-automation Automation Runtime 3.07
Br-automation Automation Runtime
Br-automation Automation Runtime 4.72
Br-automation Automation Studio 2.7
Br-automation Automation Studio 3.0.71
Br-automation Automation Studio 3.0.80
Br-automation Automation Studio 3.0.81
Br-automation Automation Studio 3.0.90
Br-automation Automation Studio
Br-automation Automation Studio 4.7.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started