Vulnerabilities > BR Automation

DATE CVE VULNERABILITY TITLE RISK
2020-11-27 CVE-2019-19873 Improper Authentication vulnerability in Br-Automation Industrial Automation Aprol
An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08.
network
low complexity
br-automation CWE-287
5.0
2020-11-27 CVE-2019-19872 Injection vulnerability in Br-Automation Industrial Automation Aprol
An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08.
network
low complexity
br-automation CWE-74
7.5
2020-11-27 CVE-2019-19869 Unspecified vulnerability in Br-Automation Industrial Automation Aprol
An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08.
network
low complexity
br-automation
5.0
2020-10-15 CVE-2020-11637 Memory Leak vulnerability in Br-Automation Automation Runtime
A memory leak in the TFTP service in B&R Automation Runtime versions <N4.26, <N4.34, <F4.45, <E4.53, <D4.63, <A4.73 and prior could allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition.
network
low complexity
br-automation CWE-401
5.0
2020-10-15 CVE-2020-11646 Unspecified vulnerability in Br-Automation products
A log information disclosure vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262 and GateManager 8250 versions <9.2.620236042 allows authenticated users to view log information reserved for other users.
network
low complexity
br-automation
4.0
2020-10-15 CVE-2020-11645 Resource Exhaustion vulnerability in Br-Automation products
A denial of service vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262 and GateManager 8250 versions <9.2.620236042 allows authenticated users to limit availability of GateManager instances.
network
low complexity
br-automation CWE-400
4.0
2020-10-15 CVE-2020-11644 Unspecified vulnerability in Br-Automation products
The information disclosure vulnerability present in B&R GateManager 4260 and 9250 versions <9.0.20262 and GateManager 8250 versions <9.2.620236042 allows authenticated users to generate fake audit log messages.
network
low complexity
br-automation
4.0
2020-10-15 CVE-2020-11643 Information Exposure Through Log Files vulnerability in Br-Automation products
An information disclosure vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262 and GateManager 8250 versions <9.2.620236042 allows authenticated users to view information of devices belonging to foreign domains.
network
low complexity
br-automation CWE-532
4.0
2020-10-15 CVE-2020-11642 Files or Directories Accessible to External Parties vulnerability in Br-Automation Sitemanager
The local file inclusion vulnerability present in B&R SiteManager versions <9.2.620236042 allows authenticated users to impact availability of SiteManager instances.
network
low complexity
br-automation CWE-552
4.0
2020-10-15 CVE-2020-11641 Files or Directories Accessible to External Parties vulnerability in Br-Automation Sitemanager
A local file inclusion vulnerability in B&R SiteManager versions <9.2.620236042 allows authenticated users to read sensitive files from SiteManager instances.
network
low complexity
br-automation CWE-552
4.0