B&R Industrial Automation
Cyber Security Advisory for B&R APROL Vulnerabilities
Pages
7
Time to read
9 mins
Publication
Language
English
Summary
This document is a Cyber Security Advisory detailing multiple vulnerabilities identified in B&R APROL, specifically CVE-2024-5622, CVE-2024-5623, and CVE-2024-5624. The advisory outlines B&R's internal process for handling product vulnerabilities, which includes validation, root cause analysis, and remediation development. It emphasizes the importance of notifying customers about potential risks and provides information on affected product versions. The document describes the nature of the vulnerabilities, including the potential for arbitrary code execution and cross-site scripting attacks. It also recommends immediate actions for users, including applying updates to patched versions of the product. The advisory includes a summary of the vulnerabilities' severity, assessed using the Common Vulnerability Scoring System (CVSS), and provides guidance on mitigating risks associated with these vulnerabilities. Additionally, it addresses frequently asked questions regarding the vulnerabilities and general security recommendations for users of B&R products.
