Cyber Security Advisory on Code Loading Vulnerability

This document is a Cyber Security Advisory detailing a vulnerability identified in various B&R products, specifically linked to insecure loading of code. The advisory outlines the process B&R follows upon discovering a potential product vulnerability, which includes validation, root cause analysis, and remediation development. It lists affected products and their respective versions that are vulnerable, along with recommended immediate actions to mitigate the risk. The advisory emphasizes that the release should not be interpreted as an indication of an active threat. It also provides details about the nature of the vulnerability, which allows an authenticated local attacker to execute arbitrary code through legitimate software. Additionally, the advisory includes recommended practices for securing systems against such vulnerabilities, such as strengthening installation folder permissions and ensuring safe DLL search mode is enabled. The document serves to inform customers about the necessary updates and security measures.