Vulnerabilities > CVE-2019-19100 - Unspecified vulnerability in Br-Automation Automation Studio

CVSS 3.6 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

br-automation

NVD

Published: 2020-04-29

Updated: 2021-09-14

Summary

A privilege escalation vulnerability in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x, 4.2.x, < 4.3.11SP, < 4.4.9SP, < 4.5.4SP, <. 4.6.3SP, < 4.7.2 and < 4.8.1 allow authenticated users to delete arbitrary files via an exposed interface.

Vulnerable Configurations

Part	Description	Count
Application	Br-Automation BR Automation Automation Studio 4.0 BR Automation Automation Studio 4.0.0 BR Automation Automation Studio 4.0.14.208 BR Automation Automation Studio 4.0.15.165 BR Automation Automation Studio 4.0.16.81 BR Automation Automation Studio 4.0.17.85 BR Automation Automation Studio 4.0.18.71 BR Automation Automation Studio 4.0.19.69 BR Automation Automation Studio 4.0.20.56 BR Automation Automation Studio 4.0.21.35 BR Automation Automation Studio 4.0.22.47 BR Automation Automation Studio 4.0.23.58 BR Automation Automation Studio 4.0.24.45 BR Automation Automation Studio 4.0.25.156 BR Automation Automation Studio 4.0.26.103 BR Automation Automation Studio 4.0.27.122 BR Automation Automation Studio 4.0.28.24 BR Automation Automation Studio 4.0.29.87 BR Automation Automation Studio 4.1 BR Automation Automation Studio 4.1.5.68 BR Automation Automation Studio 4.1.6.81 BR Automation Automation Studio 4.1.7.61 BR Automation Automation Studio 4.1.8.44 BR Automation Automation Studio 4.1.9.44 BR Automation Automation Studio 4.1.10.69 BR Automation Automation Studio 4.1.11.118 BR Automation Automation Studio 4.1.12.57 BR Automation Automation Studio 4.1.13.84 BR Automation Automation Studio 4.1.14.40 BR Automation Automation Studio 4.1.15.54 BR Automation Automation Studio 4.1.16.135 BR Automation Automation Studio 4.1.17.113 BR Automation Automation Studio 4.2 BR Automation Automation Studio 4.2.6.110 BR Automation Automation Studio 4.2.7.54 BR Automation Automation Studio 4.2.8.54 BR Automation Automation Studio 4.2.9.65 BR Automation Automation Studio 4.2.10.53 BR Automation Automation Studio 4.2.11.97 BR Automation Automation Studio 4.2.12.129 BR Automation Automation Studio 4.2.13.102 BR Automation Automation Studio 4.2.14.119 BR Automation Automation Studio 4.3 BR Automation Automation Studio 4.3.3.196 BR Automation Automation Studio 4.3.4.121 BR Automation Automation Studio 4.3.5.113 BR Automation Automation Studio 4.3.6.46 BR Automation Automation Studio 4.3.6.57 BR Automation Automation Studio 4.3.7.46 BR Automation Automation Studio 4.3.8.58 BR Automation Automation Studio 4.3.9.141 BR Automation Automation Studio 4.3.10.94 BR Automation Automation Studio 4.4 BR Automation Automation Studio 4.4.4.112 BR Automation Automation Studio 4.4.5.61 BR Automation Automation Studio 4.4.6.71 BR Automation Automation Studio 4.4.7.144 BR Automation Automation Studio 4.4.8.122 BR Automation Automation Studio 4.5 BR Automation Automation Studio 4.5.2.102 BR Automation Automation Studio 4.5.3.86 BR Automation Automation Studio 4.6 BR Automation Automation Studio 4.7 BR Automation Automation Studio 4.8	64

References

https://www.br-automation.com/en/downloads/032020-multiple-vulnerabilities-in-automation-studio/