EUVD-2024-27586

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Uncontrolled Search Path Element vulnerability in multiple B&R Industrial Automation products allows code execution.

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2024-2637	24 Apr 202507:19	–	circl
CNNVD	B&R Industrial Automation多款产品代码问题漏洞	14 May 202400:00	–	cnnvd
CVE	CVE-2024-2637	14 May 202418:49	–	cve
Cvelist	CVE-2024-2637 Insecure Loading of Code in B&R Products	14 May 202418:49	–	cvelist
NVD	CVE-2024-2637	14 May 202419:15	–	nvd
Positive Technologies	PT-2024-21372 · B&R Industrial Automation · Vc4 +6	14 May 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-2637	5 Feb 202502:00	–	redhatcve
Vulnrichment	CVE-2024-2637 Insecure Loading of Code in B&R Products	14 May 202418:49	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "027bb237-a8c2-3625-8aed-5f32c35e2cd0",
        "vendor": {
          "name": "B&R Industrial Automation"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "17210472-7e10-33ff-84d4-99a35f9a0c47",
        "product": {
          "name": "mapp Vision"
        },
        "product_version": "0 <5.26.1"
      },
      {
        "id": "1d770699-a4de-3026-a1a8-4b229f74d922",
        "product": {
          "name": "ADI Development Kit"
        },
        "product_version": "0 <5.5.0"
      },
      {
        "id": "2f07e19c-8cb8-3f37-887c-26a82e6e00b8",
        "product": {
          "name": "Scene Viewer"
        },
        "product_version": "0 <4.4.0"
      },
      {
        "id": "3a52a314-099d-36cc-8b94-fb8f13ceacc5",
        "product": {
          "name": "Windows Settings Changer (2019 LTSC)"
        },
        "product_version": "0 <2.2.0"
      },
      {
        "id": "48f7dfce-3925-35ca-8e0b-06cb0f9ed88d",
        "product": {
          "name": "Automation Runtime"
        },
        "product_version": "0 <J4.93"
      },
      {
        "id": "4b19b156-e0f4-3ef0-b87b-d4c24c65ff87",
        "product": {
          "name": "CAN Driver SJA1000"
        },
        "product_version": "0 <1.3.0"
      },
      {
        "id": "5adbddb4-64a0-3c3a-a7d9-0d62be125d49",
        "product": {
          "name": "CAN Driver"
        },
        "product_version": "0 <1.1.0"
      },
      {
        "id": "5efee025-0172-3053-aacf-ade4b376e43a",
        "product": {
          "name": "SRAM driver"
        },
        "product_version": "0 <1.2.0"
      },
      {
        "id": "6a92c144-72fa-3d8a-b0db-603a6f863471",
        "product": {
          "name": "VC4"
        },
        "product_version": "0 <4.73.2"
      },
      {
        "id": "71bc2779-3d98-36c0-9129-12a39f8acbee",
        "product": {
          "name": "mapp Cockpit"
        },
        "product_version": "0 <5.24.2"
      },
      {
        "id": "7633cc47-394d-3a65-ad86-68323af39cc8",
        "product": {
          "name": "ADI driver universal"
        },
        "product_version": "0 <3.2.0"
      },
      {
        "id": "841d932a-7667-37a0-b05e-e8a589500805",
        "product": {
          "name": "mapp View"
        },
        "product_version": "0 <5.24.2"
      },
      {
        "id": "854cd3fe-1266-3e5e-bdac-8a3272efa971",
        "product": {
          "name": "Windows 10 Recovery Solution"
        },
        "product_version": "0 <3.2.0"
      },
      {
        "id": "90db77f7-a20d-3a88-bc48-d3d96a046a89",
        "product": {
          "name": "ADI .NET SDK"
        },
        "product_version": "0 <4.1.0"
      },
      {
        "id": "95384735-aea7-366b-9376-1ba741ddd79a",
        "product": {
          "name": "CAN Driver CC770"
        },
        "product_version": "0 <3.3.0"
      },
      {
        "id": "9b6f19c0-57ca-38a2-942f-c1cdfc8a1161",
        "product": {
          "name": "B&R Single-Touch Driver"
        },
        "product_version": "0 <2.0.0"
      },
      {
        "id": "a1664a97-0cd5-339a-95a1-2f1af7fca05c",
        "product": {
          "name": "HMI Service Center Maintenance"
        },
        "product_version": "0 <2.1.0"
      },
      {
        "id": "a53cf486-9778-38a1-bb9f-f19f2d1c61d7",
        "product": {
          "name": "Windows Settings Changer (LTSC)"
        },
        "product_version": "0 <3.2.0"
      },
      {
        "id": "a6c8ba8a-0b5a-33ba-91ed-40325e2ff650",
        "product": {
          "name": "mapp Safety"
        },
        "product_version": "0 <5.24.2"
      },
      {
        "id": "bd2e26ae-c7ab-39f3-a30c-a1c1ccc658f4",
        "product": {
          "name": "APROL"
        },
        "product_version": "0 <4.4-01"
      },
      {
        "id": "c8345ca0-21b5-3121-bfa8-43b4e8203580",
        "product": {
          "name": "Tou0ch Lock"
        },
        "product_version": "0 <2.1.0"
      },
      {
        "id": "c8d13396-d8a2-39a9-b616-2ab7c6cc2ca8",
        "product": {
          "name": "Windows 10 IoT Enterprise 2019 LTSC"
        },
        "product_version": "0 ≤1.1"
      },
      {
        "id": "ee61dc1d-87dd-37cc-aa4f-4bfb6cb88f90",
        "product": {
          "name": "HMI Service Center"
        },
        "product_version": "0 <3.1.0"
      },
      {
        "id": "f36c71ed-c35e-3891-8fb6-c1c026ccaff4",
        "product": {
          "name": "KCF Editor"
        },
        "product_version": "0 <1.1.0"
      },
      {
        "id": "fd14f367-ec39-3656-92c4-dc212115fdc2",
        "product": {
          "name": "Serial User Mode Touch Driver"
        },
        "product_version": "0 <1.7.1"
      }
    ]
  }
]

Source	Link
br-automation	www.br-automation.com/fileadmin/SA24P005_Insecure_Loading_of_Code-c7d9e49c.pdf
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-2637

03 Oct 2025 20:07Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.17.2

EPSS0.00067

SSVC