Br-automation Automation_runtime

8 CVEs affecting Br-automation Automation_runtime. Latest disclosed: 2024-08-12. Critical: 2, High: 3.

Top CVEs affecting Br-automation Automation_runtime
CVESeverityScorePublishedSummary
CVE-2024-0323Critical9.82024-02-05The FTP server used on the B&R Automation Runtime supports unsecure encryption mechanisms, such as SSLv3, TLSv1.0 and TLS1.1. An network-based attacker can exp…
CVE-2019-19108Critical9.42020-04-20An authentication weakness in the SNMP service in B&R Automation Runtime versions 2.96, 3.00, 3.01, 3.06 to 3.10, 4.00 to 4.63, 4.72 and above allows unauthent…
CVE-2023-3242High8.62023-07-26Improper initialization implementation in Portmapper used in B&R Industrial Automation Automation Runtime <G4.93 allows unauthenticated network-based attackers…
CVE-2021-22275High8.62022-05-13Buffer Overflow vulnerability in B&R Automation Runtime webserver allows an unauthenticated network-based attacker to stop the cyclic program on the device and…
CVE-2024-5800High7.52024-08-12Diffie-Hellman groups with insufficient strength are used in the SSL/TLS stack of B&R Automation Runtime versions before 6.0.2, allowing a network attacker to…
CVE-2023-6028Medium6.12024-02-05A reflected cross-site scripting (XSS) vulnerability exists in the SVG version of System Diagnostics Manager of B&R Automation Runtime versions <= G4.93 that e…
CVE-2022-4286Medium6.12023-02-14 A reflected cross-site scripting (XSS) vulnerability exists in System Diagnostics Manager of B&R Automation Runtime versions >=3.00 and <=C4.93 that enables a…
CVE-2020-11637Medium5.82020-10-15A memory leak in the TFTP service in B&R Automation Runtime versions <N4.26, <N4.34, <F4.45, <E4.53, <D4.63, <A4.73 and prior could allow an unauthenticated at…