Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper Authentication Mechanism in B&R VC4 Visualization
Vulnerability Description
Improper Authentication vulnerability in B&R Industrial Automation B&R VC4 (VNC-Server modules). This vulnerability may allow an unauthenticated network-based attacker to bypass the authentication mechanism of the VC4 visualization on affected devices. The impact of this vulnerability depends on the functionality provided in the visualization. This issue affects B&R VC4: from 3.* through 3.96.7, from 4.0* through 4.06.7, from 4.1* through 4.16.3, from 4.2* through 4.26.8, from 4.3* through 4.34.6, from 4.4* through 4.45.1, from 4.5* through 4.45.3, from 4.7* through 4.72.9.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
认证机制不恰当
Vulnerability Title
B&R Industrial Automation B&R VC4 授权问题漏洞
Vulnerability Description
B&R Industrial Automation B&R VC4是奥地利贝加莱工业自动化(B&R Industrial Automation)公司的一种可视化系统。可用于创建线显示器或控制带有按键和/或触摸屏的集成或远程 XGA 显示器。 B&R Industrial Automation B&R VC4存在安全漏洞,该漏洞源于存在不正确身份验证漏洞,此漏洞可能允许未经身份验证的基于网络的攻击者绕过受影响设备上VC4可视化的身份验证机制。
CVSS Information
N/A
Vulnerability Type
N/A