Vulnerabilites related to B&R Industrial Automation - Automation Runtime
CVE-2024-5801 (GCVE-0-2024-5801)
Vulnerability from cvelistv5
Published
2024-08-10 03:52
Modified
2024-08-12 14:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Enabled IP Forwarding feature in B&R Automation Runtime versions before 6.0.2 may allow remote attack-ers to compromise network security by routing IP-based packets through the host, potentially by-passing firewall, router, or NAC filtering.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| B&R Industrial Automation | Automation Runtime |
Version: 0 < 6.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5801",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-12T14:15:53.905942Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T14:44:00.687Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Automation Runtime",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"changes": [
{
"at": "6.0.2",
"status": "unaffected"
}
],
"lessThan": "6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-08-09T03:50:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Enabled IP Forwarding feature in B\u0026R Automation Runtime versions before 6.0.2 may allow remote attack-ers to compromise network security by routing IP-based packets through the host, potentially by-passing firewall, router, or NAC filtering."
}
],
"value": "Enabled IP Forwarding feature in B\u0026R Automation Runtime versions before 6.0.2 may allow remote attack-ers to compromise network security by routing IP-based packets through the host, potentially by-passing firewall, router, or NAC filtering."
}
],
"impacts": [
{
"capecId": "CAPEC-594",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-594 Traffic Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1188",
"description": "CWE-1188 Insecure Default Initialization of Resource",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-653",
"description": "CWE-653 Improper Isolation or Compartmentalization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-10T03:52:02.326Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA24P011-d8aaf02f.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IP Forwarding enabled in B\u0026R Automation Runtime",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-5801",
"datePublished": "2024-08-10T03:52:02.326Z",
"dateReserved": "2024-06-10T16:11:50.244Z",
"dateUpdated": "2024-08-12T14:44:00.687Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2637 (GCVE-0-2024-2637)
Vulnerability from cvelistv5
Published
2024-05-14 18:49
Modified
2025-04-24 06:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-427 - Uncontrolled Search Path Element
Summary
An Uncontrolled Search Path Element vulnerability in B&R Industrial Automation Scene Viewer, B&R Industrial Automation Automation Runtime, B&R Industrial Automation mapp Vision, B&R Industrial Automation mapp View, B&R Industrial Automation mapp Cockpit, B&R Industrial Automation mapp Safety, B&R Industrial Automation VC4, B&R Industrial Automation APROL, B&R Industrial Automation CAN Driver, B&R Industrial Automation CAN Driver CC770, B&R Industrial Automation CAN Driver SJA1000, B&R Industrial Automation Tou0ch Lock, B&R Industrial Automation B&R Single-Touch Driver, B&R Industrial Automation Serial User Mode Touch Driver, B&R Industrial Automation Windows Settings Changer (LTSC), B&R Industrial Automation Windows Settings Changer (2019 LTSC), B&R Industrial Automation Windows 10 Recovery Solution, B&R Industrial Automation ADI driver universal, B&R Industrial Automation ADI Development Kit, B&R Industrial Automation ADI .NET SDK, B&R Industrial Automation SRAM driver, B&R Industrial Automation HMI Service Center, B&R Industrial Automation HMI Service Center Maintenance, B&R Industrial Automation Windows 10 IoT Enterprise 2019 LTSC, B&R Industrial Automation KCF Editor could allow an authenticated local attacker to execute malicious code by placing specially crafted files in the loading search path..This issue affects Scene Viewer: before 4.4.0; Automation Runtime: before J4.93; mapp Vision: before 5.26.1; mapp View: before 5.24.2; mapp Cockpit: before 5.24.2; mapp Safety: before 5.24.2; VC4: before 4.73.2; APROL: before 4.4-01; CAN Driver: before 1.1.0; CAN Driver CC770: before 3.3.0; CAN Driver SJA1000: before 1.3.0; Tou0ch Lock: before 2.1.0; B&R Single-Touch Driver: before 2.0.0; Serial User Mode Touch Driver: before 1.7.1; Windows Settings Changer (LTSC): before 3.2.0; Windows Settings Changer (2019 LTSC): before 2.2.0; Windows 10 Recovery Solution: before 3.2.0; ADI driver universal: before 3.2.0; ADI Development Kit: before 5.5.0; ADI .NET SDK: before 4.1.0; SRAM driver: before 1.2.0; HMI Service Center: before 3.1.0; HMI Service Center Maintenance: before 2.1.0; Windows 10 IoT Enterprise 2019 LTSC: through 1.1; KCF Editor: before 1.1.0.
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:br-automation:scene_viewer:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scene_viewer",
"vendor": "br-automation",
"versions": [
{
"lessThan": "4.4.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:br-automation:automation_runtime:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "automation_runtime",
"vendor": "br-automation",
"versions": [
{
"lessThan": "j4.93",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:br-automation:mapp_vision:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mapp_vision",
"vendor": "br-automation",
"versions": [
{
"lessThan": "5.26.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:br-automation:mapp_view:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mapp_view",
"vendor": "br-automation",
"versions": [
{
"lessThan": "5.24.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:br-automation:mapp_cockpit:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mapp_cockpit",
"vendor": "br-automation",
"versions": [
{
"lessThan": "5.24.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:br-automation:vc4:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vc4",
"vendor": "br-automation",
"versions": [
{
"lessThan": "4.73.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2637",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-14T19:33:12.195778Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T14:56:12.677Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:18:48.124Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.br-automation.com/fileadmin/SA24P005_Insecure_Loading_of_Code-c7d9e49c.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Scene Viewer",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "4.4.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Automation Runtime",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "J4.93",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "mapp Vision",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "5.26.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "mapp View",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "5.24.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "mapp Cockpit",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "5.24.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "mapp Safety",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "5.24.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VC4",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "4.73.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "APROL",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "4.4-01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CAN Driver",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "1.1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CAN Driver CC770",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "3.3.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CAN Driver SJA1000",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "1.3.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Tou0ch Lock",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "2.1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "B\u0026R Single-Touch Driver",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "2.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Serial User Mode Touch Driver",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "1.7.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Windows Settings Changer (LTSC)",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "3.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Windows Settings Changer (2019 LTSC)",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "2.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Windows 10 Recovery Solution",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "3.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ADI driver universal",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "3.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ADI Development Kit",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "5.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ADI .NET SDK",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "4.1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SRAM driver",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "1.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HMI Service Center",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "3.1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HMI Service Center Maintenance",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "2.1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Windows 10 IoT Enterprise 2019 LTSC",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThanOrEqual": "1.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "KCF Editor",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "1.1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-04-02T18:50:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Uncontrolled Search Path Element vulnerability\u0026nbsp;in B\u0026amp;R Industrial Automation Scene Viewer, B\u0026amp;R Industrial Automation Automation Runtime, B\u0026amp;R Industrial Automation mapp Vision, B\u0026amp;R Industrial Automation mapp View, B\u0026amp;R Industrial Automation mapp Cockpit, B\u0026amp;R Industrial Automation mapp Safety, B\u0026amp;R Industrial Automation VC4, B\u0026amp;R Industrial Automation APROL, B\u0026amp;R Industrial Automation CAN Driver, B\u0026amp;R Industrial Automation CAN Driver CC770, B\u0026amp;R Industrial Automation CAN Driver SJA1000, B\u0026amp;R Industrial Automation Tou0ch Lock, B\u0026amp;R Industrial Automation B\u0026amp;R Single-Touch Driver, B\u0026amp;R Industrial Automation Serial User Mode Touch Driver, B\u0026amp;R Industrial Automation Windows Settings Changer (LTSC), B\u0026amp;R Industrial Automation Windows Settings Changer (2019 LTSC), B\u0026amp;R Industrial Automation Windows 10 Recovery Solution, B\u0026amp;R Industrial Automation ADI driver universal, B\u0026amp;R Industrial Automation ADI Development Kit, B\u0026amp;R Industrial Automation ADI .NET SDK, B\u0026amp;R Industrial Automation SRAM driver, B\u0026amp;R Industrial Automation HMI Service Center, B\u0026amp;R Industrial Automation HMI Service Center Maintenance, B\u0026amp;R Industrial Automation Windows 10 IoT Enterprise 2019 LTSC, B\u0026amp;R Industrial Automation KCF Editor could allow an authenticated local attacker to execute malicious code by placing specially crafted files in the loading search path..\u003cp\u003eThis issue affects Scene Viewer: before 4.4.0; Automation Runtime: before J4.93; mapp Vision: before 5.26.1; mapp View: before 5.24.2; mapp Cockpit: before 5.24.2; mapp Safety: before 5.24.2; VC4: before 4.73.2; APROL: before 4.4-01; CAN Driver: before 1.1.0; CAN Driver CC770: before 3.3.0; CAN Driver SJA1000: before 1.3.0; Tou0ch Lock: before 2.1.0; B\u0026amp;R Single-Touch Driver: before 2.0.0; Serial User Mode Touch Driver: before 1.7.1; Windows Settings Changer (LTSC): before 3.2.0; Windows Settings Changer (2019 LTSC): before 2.2.0; Windows 10 Recovery Solution: before 3.2.0; ADI driver universal: before 3.2.0; ADI Development Kit: before 5.5.0; ADI .NET SDK: before 4.1.0; SRAM driver: before 1.2.0; HMI Service Center: before 3.1.0; HMI Service Center Maintenance: before 2.1.0; Windows 10 IoT Enterprise 2019 LTSC: through 1.1; KCF Editor: before 1.1.0.\u003c/p\u003e"
}
],
"value": "An Uncontrolled Search Path Element vulnerability\u00a0in B\u0026R Industrial Automation Scene Viewer, B\u0026R Industrial Automation Automation Runtime, B\u0026R Industrial Automation mapp Vision, B\u0026R Industrial Automation mapp View, B\u0026R Industrial Automation mapp Cockpit, B\u0026R Industrial Automation mapp Safety, B\u0026R Industrial Automation VC4, B\u0026R Industrial Automation APROL, B\u0026R Industrial Automation CAN Driver, B\u0026R Industrial Automation CAN Driver CC770, B\u0026R Industrial Automation CAN Driver SJA1000, B\u0026R Industrial Automation Tou0ch Lock, B\u0026R Industrial Automation B\u0026R Single-Touch Driver, B\u0026R Industrial Automation Serial User Mode Touch Driver, B\u0026R Industrial Automation Windows Settings Changer (LTSC), B\u0026R Industrial Automation Windows Settings Changer (2019 LTSC), B\u0026R Industrial Automation Windows 10 Recovery Solution, B\u0026R Industrial Automation ADI driver universal, B\u0026R Industrial Automation ADI Development Kit, B\u0026R Industrial Automation ADI .NET SDK, B\u0026R Industrial Automation SRAM driver, B\u0026R Industrial Automation HMI Service Center, B\u0026R Industrial Automation HMI Service Center Maintenance, B\u0026R Industrial Automation Windows 10 IoT Enterprise 2019 LTSC, B\u0026R Industrial Automation KCF Editor could allow an authenticated local attacker to execute malicious code by placing specially crafted files in the loading search path..This issue affects Scene Viewer: before 4.4.0; Automation Runtime: before J4.93; mapp Vision: before 5.26.1; mapp View: before 5.24.2; mapp Cockpit: before 5.24.2; mapp Safety: before 5.24.2; VC4: before 4.73.2; APROL: before 4.4-01; CAN Driver: before 1.1.0; CAN Driver CC770: before 3.3.0; CAN Driver SJA1000: before 1.3.0; Tou0ch Lock: before 2.1.0; B\u0026R Single-Touch Driver: before 2.0.0; Serial User Mode Touch Driver: before 1.7.1; Windows Settings Changer (LTSC): before 3.2.0; Windows Settings Changer (2019 LTSC): before 2.2.0; Windows 10 Recovery Solution: before 3.2.0; ADI driver universal: before 3.2.0; ADI Development Kit: before 5.5.0; ADI .NET SDK: before 4.1.0; SRAM driver: before 1.2.0; HMI Service Center: before 3.1.0; HMI Service Center Maintenance: before 2.1.0; Windows 10 IoT Enterprise 2019 LTSC: through 1.1; KCF Editor: before 1.1.0."
}
],
"impacts": [
{
"capecId": "CAPEC-641",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-641 DLL Side-Loading"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-24T06:52:46.092Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA24P005_Insecure_Loading_of_Code-c7d9e49c.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Insecure Loading of Code in B\u0026R Products",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-2637",
"datePublished": "2024-05-14T18:49:28.624Z",
"dateReserved": "2024-03-19T08:15:24.368Z",
"dateUpdated": "2025-04-24T06:52:46.092Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8603 (GCVE-0-2024-8603)
Vulnerability from cvelistv5
Published
2025-01-15 15:31
Modified
2025-01-15 15:56
Severity ?
8.2 (High) - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
Summary
A “Use of a Broken or Risky Cryptographic Algorithm” vulnerability in the SSL/TLS component used in B&R Automation Runtime versions before 6.1 and B&R mapp View versions before 6.1 may be abused by unauthenticated network-based attackers to masquerade as services on impacted devices.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | B&R Industrial Automation | Automation Runtime |
Version: 6.0 < 6.1 Version: 4.0 < |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8603",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-15T15:56:20.185680Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T15:56:30.409Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Automation Runtime",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "6.1",
"status": "affected",
"version": "6.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "mapp View",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "6.1",
"status": "affected",
"version": "6.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "5.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-01-15T02:36:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A \u201cUse of a Broken or Risky Cryptographic Algorithm\u201d vulnerability in the SSL/TLS component used in B\u0026amp;R Automation Runtime versions before 6.1 and B\u0026amp;R mapp View versions before 6.1 may be abused by unauthenticated network-based attackers to masquerade as services on impacted devices.\u003cbr\u003e"
}
],
"value": "A \u201cUse of a Broken or Risky Cryptographic Algorithm\u201d vulnerability in the SSL/TLS component used in B\u0026R Automation Runtime versions before 6.1 and B\u0026R mapp View versions before 6.1 may be abused by unauthenticated network-based attackers to masquerade as services on impacted devices."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-327",
"description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T15:31:01.195Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA25P001-c478fad6.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-8603",
"datePublished": "2025-01-15T15:31:01.195Z",
"dateReserved": "2024-09-09T09:19:20.885Z",
"dateUpdated": "2025-01-15T15:56:30.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0323 (GCVE-0-2024-0323)
Vulnerability from cvelistv5
Published
2024-02-05 16:05
Modified
2024-09-06 07:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1240 - Use of a Cryptographic Primitive with a Risky Implementation
Summary
The FTP server used on the B&R
Automation Runtime supports unsecure encryption mechanisms, such as SSLv3,
TLSv1.0 and TLS1.1. An network-based attacker can exploit the flaws to conduct
man-in-the-middle attacks or to decrypt communications between the affected product
clients.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| B&R Industrial Automation | Automation Runtime |
Version: 14.0 < 14.93 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:04:49.140Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.br-automation.com/fileadmin/SA23P004_FTP_uses_unsecure_encryption_mechanisms-f57c147c.pdf"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:br-automation:automation_runtime:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "automation_runtime",
"vendor": "br-automation",
"versions": [
{
"lessThan": "14.93",
"status": "affected",
"version": "14.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0323",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-22T14:10:59.497846Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-22T14:16:16.093Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"SDM"
],
"product": "Automation Runtime",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "14.93",
"status": "affected",
"version": "14.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The FTP server used on the B\u0026amp;R\nAutomation Runtime supports unsecure encryption mechanisms, such as SSLv3,\nTLSv1.0 and TLS1.1. An network-based attacker can exploit the flaws to conduct\nman-in-the-middle attacks or to decrypt communications between the affected product\nclients. \u0026nbsp;\n\n\u003cbr\u003e"
}
],
"value": "The FTP server used on the B\u0026R\nAutomation Runtime supports unsecure encryption mechanisms, such as SSLv3,\nTLSv1.0 and TLS1.1. An network-based attacker can exploit the flaws to conduct\nman-in-the-middle attacks or to decrypt communications between the affected product\nclients."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1240",
"description": "CWE-1240: Use of a Cryptographic Primitive with a Risky Implementation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T07:21:29.270Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA23P004_FTP_uses_unsecure_encryption_mechanisms-f57c147c.pdf"
}
],
"source": {
"advisory": "SA23P018",
"discovery": "INTERNAL"
},
"title": "FTP uses unsecure encryption mechanisms",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-0323",
"datePublished": "2024-02-05T16:05:47.612Z",
"dateReserved": "2024-01-08T13:02:23.041Z",
"dateUpdated": "2024-09-06T07:21:29.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5800 (GCVE-0-2024-5800)
Vulnerability from cvelistv5
Published
2024-08-10 03:50
Modified
2024-08-12 14:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-326 - Inadequate Encryption Strength
Summary
Diffie-Hellman groups with insufficient strength are used in the SSL/TLS stack of B&R Automation Runtime versions before 6.0.2, allowing a network attacker to decrypt the SSL/TLS communication.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| B&R Industrial Automation | Automation Runtime |
Version: 0 < 6.0.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5800",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-12T14:32:07.188310Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T14:32:22.309Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "SSL/TLS",
"product": "Automation Runtime",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"changes": [
{
"at": "6.0.2",
"status": "unaffected"
}
],
"lessThan": "6.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-08-09T03:43:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Diffie-Hellman groups with insufficient strength are used in the SSL/TLS stack of B\u0026R Automation Runtime versions before 6.0.2, allowing a network attacker to decrypt the SSL/TLS communication."
}
],
"value": "Diffie-Hellman groups with insufficient strength are used in the SSL/TLS stack of B\u0026R Automation Runtime versions before 6.0.2, allowing a network attacker to decrypt the SSL/TLS communication."
}
],
"impacts": [
{
"capecId": "CAPEC-117",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-117 Interception"
}
]
},
{
"capecId": "CAPEC-148",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-148 Content Spoofing"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-326",
"description": "CWE-326 Inadequate Encryption Strength",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-10T03:50:02.159Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA24P011-d8aaf02f.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Diffie-Hellman groups with insufficient strength used in SSL/TLS stack of B\u0026R Automation Runtime",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-5800",
"datePublished": "2024-08-10T03:50:02.159Z",
"dateReserved": "2024-06-10T16:11:48.689Z",
"dateUpdated": "2024-08-12T14:32:22.309Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6028 (GCVE-0-2023-6028)
Vulnerability from cvelistv5
Published
2024-02-05 17:33
Modified
2024-08-02 08:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
A reflected
cross-site scripting (XSS) vulnerability exists in the SVG version of System
Diagnostics Manager of B&R Automation Runtime versions <= G4.93 that
enables a remote attacker to execute arbitrary JavaScript code in the context
of the attacked user’s browser session.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| B&R Industrial Automation | Automation Runtime |
Version: 14.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6028",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-07T18:48:50.631233Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:17:03.877Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:21:17.060Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.br-automation.com/fileadmin/SA23P018_SDM_Web_interface_vulnerable_to_XSS-1d75bee8.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"SDM"
],
"product": "Automation Runtime",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "14.93",
"status": "affected",
"version": "14.0",
"versionType": "patch"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA reflected\ncross-site scripting (XSS) vulnerability exists in the SVG version of System\nDiagnostics Manager of B\u0026amp;R Automation Runtime versions \u0026lt;= G4.93 that\nenables a remote attacker to execute arbitrary JavaScript code in the context\nof the attacked user\u2019s browser session.\u003c/p\u003e\n\n\n\n\n\n"
}
],
"value": "A reflected\ncross-site scripting (XSS) vulnerability exists in the SVG version of System\nDiagnostics Manager of B\u0026R Automation Runtime versions \u003c= G4.93 that\nenables a remote attacker to execute arbitrary JavaScript code in the context\nof the attacked user\u2019s browser session.\n\n\n\n\n\n\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-06T13:54:25.416Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA23P018_SDM_Web_interface_vulnerable_to_XSS-1d75bee8.pdf"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An update is available that resolves a vulnerability in the product versions listed above."
}
],
"value": "An update is available that resolves a vulnerability in the product versions listed above."
}
],
"source": {
"advisory": "SA23P018",
"discovery": "INTERNAL"
},
"title": "SDM Web interface vulnerable to XSS",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eDo not use Hyperlinks provided by untrusted 3rd party to access the SDM. Hyperlinks may be provided via:\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eEmails from unknown users\u003c/li\u003e\u003cli\u003eSocial media channels\u003c/li\u003e\u003cli\u003eMessaging services\u003c/li\u003e\u003cli\u003eWebpages with comment functionality\u003c/li\u003e\u003cli\u003eQR Codes\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eThe use of external Web Application Firewalls (WAF) can mitigate attacks using reflected cross-site scripting.\u003c/p\u003e"
}
],
"value": "\nDo not use Hyperlinks provided by untrusted 3rd party to access the SDM. Hyperlinks may be provided via:\n\n\n\n * Emails from unknown users\n * Social media channels\n * Messaging services\n * Webpages with comment functionality\n * QR Codes\n\n\n\n\nThe use of external Web Application Firewalls (WAF) can mitigate attacks using reflected cross-site scripting.\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2023-6028",
"datePublished": "2024-02-05T17:33:34.785Z",
"dateReserved": "2023-11-08T10:17:50.175Z",
"dateUpdated": "2024-08-02T08:21:17.060Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}