Vulnerabilities > BR Automation

DATE CVE VULNERABILITY TITLE RISK
2020-11-27 CVE-2019-19877 Path Traversal vulnerability in Br-Automation Industrial Automation Aprol
An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08.
network
low complexity
br-automation CWE-22
5.3
2020-11-27 CVE-2019-19876 SQL Injection vulnerability in Br-Automation Industrial Automation Aprol
An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08.
network
low complexity
br-automation CWE-89
critical
9.8
2020-11-27 CVE-2019-19875 Command Injection vulnerability in Br-Automation Industrial Automation Aprol
An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08.
network
low complexity
br-automation CWE-77
critical
9.8
2020-11-27 CVE-2019-19874 Command Injection vulnerability in Br-Automation Industrial Automation Aprol
An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08.
network
low complexity
br-automation CWE-77
critical
9.8
2020-11-27 CVE-2019-19873 Unspecified vulnerability in Br-Automation Industrial Automation Aprol
An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08.
network
low complexity
br-automation
7.5
2020-11-27 CVE-2019-19872 Command Injection vulnerability in Br-Automation Industrial Automation Aprol
An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08.
network
low complexity
br-automation CWE-77
critical
9.8
2020-11-27 CVE-2019-19869 Unspecified vulnerability in Br-Automation Industrial Automation Aprol
An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08.
network
low complexity
br-automation
7.5
2020-10-15 CVE-2020-11637 Memory Leak vulnerability in Br-Automation Automation Runtime
A memory leak in the TFTP service in B&R Automation Runtime versions <N4.26, <N4.34, <F4.45, <E4.53, <D4.63, <A4.73 and prior could allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition.
network
low complexity
br-automation CWE-401
7.5
2020-10-15 CVE-2020-11646 Unspecified vulnerability in Br-Automation products
A log information disclosure vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262 and GateManager 8250 versions <9.2.620236042 allows authenticated users to view log information reserved for other users.
network
low complexity
br-automation
4.3
2020-10-15 CVE-2020-11645 Resource Exhaustion vulnerability in Br-Automation products
A denial of service vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262 and GateManager 8250 versions <9.2.620236042 allows authenticated users to limit availability of GateManager instances.
network
low complexity
br-automation CWE-400
6.5