B&R Industrial Automation — Vulnerabilities & Security Advisories (29)

Browse all 29 CVE security advisories affecting B&R Industrial Automation. AI-powered Chinese analysis, POCs, and references for each vulnerability.

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2025-3450 | Automation Runtime SDM requests may impact system — Automation Runtime | CWE-413 | 10.0 | Critical | 2025-10-07 |
| CVE-2024-45482 | Privilege escalation in B&R APROL — B&R APROL | CWE-829 | 7.8 (AI) | High (AI) | 2025-03-25 |
| CVE-2024-45481 | Improper authentication in SSH of B&R APROL — B&R APROL | CWE-791 | 7.8 (AI) | High (AI) | 2025-03-25 |
| CVE-2024-45480 | Unauthorized local file reading in B&R APROL — B&R APROL | CWE-94 | 9.1 (AI) | Critical (AI) | 2025-03-25 |
| CVE-2024-8315 | Improper Handling of Insufficient Permissions or Privileges in B&R APROL — B&R APROL | CWE-280 | 5.5 (AI) | Medium (AI) | 2025-03-25 |
| CVE-2024-8603 | B&R Automation Runtime cryptographic issue vulnerability — Automation Runtime | CWE-327 | 7.5 | High | 2025-01-15 |
| CVE-2024-5624 | Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B&R APROL — B&R APROL | CWE-79 | 6.1 (AI) | Medium (AI) | 2024-08-29 |
| CVE-2024-5623 | Untrusted search path vulnerability in B&R APROL — B&R APROL | CWE-250 | 7.3 (AI) | High (AI) | 2024-08-29 |
| CVE-2024-5622 | Untrusted search path vulnerability in the AprolConfigureCCServices of B&R APROL — B&R APROL | CWE-250 | 7.8 (AI) | High (AI) | 2024-08-29 |
| CVE-2024-5801 | IP Forwarding enabled in B&R Automation Runtime — Automation Runtime | CWE-1188 | 7.5 (AI) | High (AI) | 2024-08-10 |
| CVE-2024-5800 | Diffie-Hellman groups with insufficient strength used in SSL/TLS stack of B&R Automation Runtime — Automation Runtime | CWE-326 | 7.5 (AI) | High (AI) | 2024-08-10 |
| CVE-2021-22280 | DLL Hijacking Vulnerability in Automation Studio — Automation Studio | | 7.2 | High | 2024-05-14 |
| CVE-2024-2637 | Insecure Loading of Code in B&R Products — Scene Viewer | CWE-427 | 7.2 | High | 2024-05-14 |
| CVE-2024-0220 | B&R products use insufficient communication encryption — Automation Studio | CWE-1240 | 8.3 | High | 2024-02-22 |
| CVE-2023-6028 | SDM Web interface vulnerable to XSS — Automation Runtime | CWE-79 | 6.1 | Medium | 2024-02-05 |
| CVE-2024-0323 | FTP uses unsecure encryption mechanisms — Automation Runtime | CWE-1240 | 9.8 | Critical | 2024-02-05 |
| CVE-2021-22281 | Zip Slip Vulnerability in B&R Automation Studio Project Import — Automation Studio | CWE-23 | 6.3 | Medium | 2024-02-02 |
| CVE-2020-24682 | Automation Studio and PVI Multiple unquoted service path vulnerabilities — Automation Studio | CWE-428 | 7.2 | High | 2024-02-02 |
| CVE-2020-24681 | Automation Studio and PVI Multiple incorrect permission assignments for services — Automation Studio | CWE-732 | 8.2 | High | 2024-02-02 |
| CVE-2021-22282 | RCE in B&R Automation Studio with crafted project files — Automation Studio | CWE-94 | 8.3 | High | 2024-02-02 |
| CVE-2023-3242 | B&R Industrial Automation GmbH Runtime security vulnerability — B&R Automation Runtime | CWE-770 | 8.6 | High | 2023-07-26 |
| CVE-2023-1617 | Improper Authentication Mechanism in B&R VC4 Visualization — B&R VC4 | CWE-287 | 9.8 | Critical | 2023-04-14 |
| CVE-2022-4286 | Reflected Cross-Site Scripting Vulnerabilities in Automation Runtime — B&R Automation Runtime | CWE-79 | 6.1 | Medium | 2023-02-14 |
| CVE-2022-43765 | DoS in APROLs Tbase server — B&R APROL | CWE-252 | 7.5 | High | 2023-02-08 |
| CVE-2022-43764 | Buffer overflow when changing configuration on Tbase Server — B&R APROL | CWE-121 | 9.8 | Critical | 2023-02-08 |
| CVE-2022-43763 | Lack of checking preconditions in APROL — B&R APROL | CWE-252 | 7.5 | High | 2023-02-08 |
| CVE-2022-43762 | Memory leak when receiving messages in APROL Tbase server — B&R APROL | CWE-119 | 7.5 | High | 2023-02-08 |
| CVE-2022-43761 | Lack of authentication when managing APROL database — B&R APROL | CWE-306 | 9.4 | Critical | 2023-02-08 |
| CVE-2021-22289 | RCE through Project Upload from Target — Automation Studio | CWE-20 | 8.3 | High | 2022-08-11 |

This page lists every published CVE security advisory associated with B&R Industrial Automation. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.