Cyber Security Advisory for B&R Automation Runtime

This document is a Cyber Security Advisory regarding a vulnerability identified in the B&R Automation Runtime, specifically affecting versions prior to 6.5.0 and R4.93. The advisory outlines the process followed by B&R when a potential product vulnerability is reported, including validation, root cause identification, and remediation development. It provides details on the affected products and describes the nature of the vulnerability, which could allow an unauthenticated attacker to exploit the ANSL server component through malicious network traffic, potentially leading to a denial-of-service condition. The advisory emphasizes that the release should not be misconstrued as indicating an active threat. Recommended actions for customers include applying updates to the latest versions and adjusting application configurations as necessary. Additionally, it discusses mitigating factors and general security recommendations to enhance the security of installations. The document serves as a commitment to transparency and user safety in cybersecurity matters.