B&R Industrial Automation
Cyber Security Advisory on Docker Engine Vulnerabilities
Pages
7
Time to read
11 mins
Publication
Language
English
This document is a Cyber Security Advisory detailing vulnerabilities identified in the Docker Engine, specifically affecting B&R APROL versions R4.2 and R4.4. The advisory outlines the process B&R follows upon discovering a potential product vulnerability, which includes validating the issue, identifying impacted products, and notifying users. It lists several CVE IDs associated with the vulnerabilities, such as CVE-2024-23652 and CVE-2024-21626, and describes the potential risks posed by these vulnerabilities, including the ability for local attackers to execute arbitrary code. The advisory also provides recommended actions for users, including applying updates to patched versions of the affected products. Additionally, it discusses general mitigation strategies to enhance security and prevent exploitation of the vulnerabilities. The advisory emphasizes B&R's commitment to responsible disclosure and keeping users informed about potential risks.