目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1325 CNY

100%
コーヒーを一杯おごる

B&R Industrial Automation GmbH 厂商漏洞列表 / CVE 中文分析 17

B&R Industrial Automation GmbH 厂商相关 17 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。

B&R Industrial Automation GmbH 专注于工业自动化解决方案,为制造业提供控制系统、驱动技术和软件。历史上,其产品常见漏洞包括远程代码执行、权限提升和缓冲区溢出,主要源于未经验证的输入处理和固件更新机制。2020 年,其工业 PC 产品被发现存在多个高危漏洞,可导致未经授权的系统访问。该公司近年加强了安全开发生命周期,但固件更新过程中的加密缺陷仍值得关注。

上位製品 B&R Industrial Automation GmbH: APROL Automation Runtime B&R mapp Cockpit B&R Automation Studio Process Visualization Interface (PVI) PPT30 Operating System
CVE IDタイトルCVSS深刻度公開日
CVE-2025-11482 Allocation of Resources Without Limits or Throttling in the OPC-UA Server — PPT30 Operating SystemCWE-770 7.5 High2026-05-26
CVE-2026-0936 Insertion of Sensitive Information into Logfile — Process Visualization Interface (PVI)CWE-532 5.0 Medium2026-01-29
CVE-2025-11044 Vulnerability on Automation Runtime my cause DoS Conditions — Automation RuntimeCWE-770 6.8 Medium2026-01-19
CVE-2025-11043 Improper Server Certificate Validation in Automation Studio — B&R Automation StudioCWE-295 7.4 High2026-01-19
CVE-2025-11498 CSV Formula Injection Vulnerability — Automation RuntimeCWE-1236 6.1 Medium2025-10-14
CVE-2025-3449 Weak Session Token used in Automation Runtime SDM — Automation RuntimeCWE-340 4.2 Medium2025-10-07
CVE-2025-3448 XSS on SDM — Automation RuntimeCWE-79 6.1 Medium2025-10-07
CVE-2024-10210 Path traversal in APROL Web Portal — APROLCWE-73 6.5AIMediumAI2025-03-25
CVE-2024-45484 Enabled ICMP redirection in B&R APROL — APROLCWE-770 6.5AIMediumAI2025-03-25
CVE-2024-45483 Missing GRUB password in B&R APROL — APROLCWE-306 6.1AIMediumAI2025-03-25
CVE-2024-10209 Incorrect Permission Assignment in APROL file system — APROLCWE-732 7.1AIHighAI2025-03-25
CVE-2024-10208 Cross Site Scripting vulnerability in APROL Web Portal — APROLCWE-79 5.4AIMediumAI2025-03-25
CVE-2024-10207 Server-Side Request Forgery (authenticated) in APROL Web Portal — APROLCWE-918 7.1AIHighAI2025-03-25
CVE-2024-10206 Server-Side Request Forgery (unauthenticated) in APROL Web Portal — APROLCWE-918 8.2AIHighAI2025-03-25
CVE-2024-8314 Improper session handling in B&R APROL — APROLCWE-303 8.8AIHighAI2025-03-25
CVE-2024-8313 Default or Guessable SNMP community names in B&R APROL — APROLCWE-497 8.8AIHighAI2025-03-25
CVE-2024-10490 Authentication bypass flaw in several mapp components — B&R mapp CockpitCWE-288 9.8 -2024-12-02

本页汇总了 B&R Industrial Automation GmbH 厂商截至目前公开的全部 17 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。