Lucene search

CVE-2024-2637 Insecure Loading of Code in B&R Products

🗓️ 14 May 2024 18:28:49Reported by ABBType

Insecure Loading of Code in B&R Products. Uncontrolled Search Path Element vulnerability allowing execution of malicious code by authenticated local attacker

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 4
Vulnrichment	CVE-2024-2637 Insecure Loading of Code in B&R Products	14 May 202418:49	–	vulnrichment
CVE	CVE-2024-2637	14 May 202419:15	–	cve
RedhatCVE	CVE-2024-2637	5 Feb 202502:00	–	redhatcve
NVD	CVE-2024-2637	14 May 202419:15	–	nvd

[
  {
    "defaultStatus": "unaffected",
    "product": "Scene Viewer",
    "vendor": "B&R Industrial Automation",
    "versions": [
      {
        "lessThan": "4.4.0",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Automation Runtime",
    "vendor": "B&R Industrial Automation",
    "versions": [
      {
        "lessThan": "J4.93",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "mapp Vision",
    "vendor": "B&R Industrial Automation",
    "versions": [
      {
        "lessThan": "5.26.1",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "mapp View",
    "vendor": "B&R Industrial Automation",
    "versions": [
      {
        "lessThan": "5.24.2",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "mapp Cockpit",
    "vendor": "B&R Industrial Automation",
    "versions": [
      {
        "lessThan": "5.24.2",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "mapp Safety",
    "vendor": "B&R Industrial Automation",
    "versions": [
      {
        "lessThan": "5.24.2",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "VC4",
    "vendor": "B&R Industrial Automation",
    "versions": [
      {
        "lessThan": "4.73.2",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "APROL",
    "vendor": "B&R Industrial Automation",
    "versions": [
      {
        "lessThan": "4.4-01",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "CAN Driver",
    "vendor": "B&R Industrial Automation",
    "versions": [
      {
        "lessThan": "1.1.0",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "CAN Driver CC770",
    "vendor": "B&R Industrial Automation",
    "versions": [
      {
        "lessThan": "3.3.0",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "CAN Driver SJA1000",
    "vendor": "B&R Industrial Automation",
    "versions": [
      {
        "lessThan": "1.3.0",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Tou0ch Lock",
    "vendor": "B&R Industrial Automation",
    "versions": [
      {
        "lessThan": "2.1.0",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "B&R Single-Touch Driver",
    "vendor": "B&R Industrial Automation",
    "versions": [
      {
        "lessThan": "2.0.0",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Serial User Mode Touch Driver",
    "vendor": "B&R Industrial Automation",
    "versions": [
      {
        "lessThan": "1.7.1",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Windows Settings Changer (LTSC)",
    "vendor": "B&R Industrial Automation",
    "versions": [
      {
        "lessThan": "3.2.0",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Windows Settings Changer (2019 LTSC)",
    "vendor": "B&R Industrial Automation",
    "versions": [
      {
        "lessThan": "2.2.0",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Windows 10 Recovery Solution",
    "vendor": "B&R Industrial Automation",
    "versions": [
      {
        "lessThan": "3.2.0",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ADI driver universal",
    "vendor": "B&R Industrial Automation",
    "versions": [
      {
        "lessThan": "3.2.0",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ADI Development Kit",
    "vendor": "B&R Industrial Automation",
    "versions": [
      {
        "lessThan": "5.5.0",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ADI .NET SDK",
    "vendor": "B&R Industrial Automation",
    "versions": [
      {
        "lessThan": "4.1.0",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "SRAM driver",
    "vendor": "B&R Industrial Automation",
    "versions": [
      {
        "lessThan": "1.2.0",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "HMI Service Center",
    "vendor": "B&R Industrial Automation",
    "versions": [
      {
        "lessThan": "3.1.0",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "HMI Service Center Maintenance",
    "vendor": "B&R Industrial Automation",
    "versions": [
      {
        "lessThan": "2.1.0",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Windows 10 IoT Enterprise 2019 LTSC",
    "vendor": "B&R Industrial Automation",
    "versions": [
      {
        "lessThanOrEqual": "1.1",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "KCF Editor",
    "vendor": "B&R Industrial Automation",
    "versions": [
      {
        "lessThan": "1.1.0",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
br-automation	www.br-automation.com/fileadmin/SA24P005_Insecure_Loading_of_Code-c7d9e49c.pdf

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

14 May 2024 18:49Current

7.2High risk

Vulners AI Score7.2

CVSS37.2

EPSS0.00024

CWE-427