CVE-2024-10209

An Incorrect Permission Assignment for Critical Resource vulnerability in the file system used in B&R APROL 4.4-01 may allow an authenticated local attacker to read and alter the configuration of another engineering or runtime user...

B&R Industrial Automation B&R APROL 安全漏洞

B&R Industrial Automation B&R APROL is a process control system from B&R Industrial Automation, Austria. A security vulnerability in B&R Industrial Automation B&R APROL prior to version 4.4-00P5, which stems from a misimplementation of the authentication algorithm in session handling, could allow...

The vulnerability of the database server of the software solution for monitoring the status of B&R APROL industrial systems allows a hacker to read and modify configuration data.

The vulnerability of the database server of the B&R APROL software solution for monitoring the status of industrial systems is related to the absence of an authentication procedure. Exploiting this vulnerability allows a malicious actor to read and modify configuration data remotely...

CVE-2019-19877

An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. An attacker can get access to sensitive information outside the working directory via Directory Traversal attacks against AprolSqlServer, a different vulnerability than CVE-2019-16357...

B&R Industrial Automation APROL Path Traversal Vulnerability

B&r Automation B&r Automation APROL is a Linux-based process control system for industrial control applications from B&r Automation, Australia. A path traversal vulnerability exists in versions prior to B&R Industrial Automation APROL R4.2 V7.08, which can be exploited by an attacker to attack...