92 matches found
CVE-2025-3449 Weak Session Token used in Automation Runtime SDM
A Generation of Predictable Numbers or Identifiers vulnerability in the SDM component of B&R Automation Runtime versions before 6.4 may allow an unauthenticated network-based attacker to take over already established sessions...
CVE-2025-3448 XSS on SDM
Reflected cross-site scripting XSS vulnerabilities exist in System Diagnostics Manager SDM of B&R Automation Runtime versions before 6.4 that enables a remote attacker to execute arbitrary JavaScript code in the context of the attacked user’s browser session...
EUVD-2025-32883
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in B&R Industrial Automation Automation Runtime.This issue affects Automation Runtime: from 6.0 before 6.4...
CVE-2025-3448 XSS on SDM
Reflected cross-site scripting XSS vulnerabilities exist in System Diagnostics Manager SDM of B&R Automation Runtime versions before 6.4 that enables a remote attacker to execute arbitrary JavaScript code in the context of the attacked user’s browser session...
CVE-2025-3448
CVE-2025-3448 describes a reflected cross-site scripting (XSS) in the System Diagnostics Manager (SDM) of B&R Automation Runtime, prior to 6.4 . The vulnerability allows a remote attacker to cause the affected user’s browser to execute arbitrary JavaScript, via crafted input during web page gener...
CVE-2025-3450
An Improper Resource Locking vulnerability in the SDM component of B&R Automation Runtime versions before 6.3 and before Q4.93 may allow an unauthenticated network-based attacker to delete data causing denial of service conditions...
EUVD-2025-32721
Improper Resource Locking vulnerability in B&R Industrial Automation Automation Runtime.This issue affects Automation Runtime: from 6.0 before 6.3, before Q4.93...
CVE-2025-3450
CVE-2025-3450 describes an Improper Resource Locking vulnerability in the SDM component of B&R Automation Runtime . Affected versions are before 6.3 and before Q4.93, where an unauthenticated, network-based attacker could delete data, leading to denial of service. The issue stems from resource lo...
CVE-2025-3450 Automation Runtime SDM requests may impact system
An Improper Resource Locking vulnerability in the SDM component of B&R Automation Runtime versions before 6.3 and before Q4.93 may allow an unauthenticated network-based attacker to delete data causing denial of service conditions...
CVE-2025-3450 Automation Runtime SDM requests may impact system
An Improper Resource Locking vulnerability in the SDM component of B&R Automation Runtime versions before 6.3 and before Q4.93 may allow an unauthenticated network-based attacker to delete data causing denial of service conditions...
ABB B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM)
SUMMARY An update is available that resolves a vulnerability identified by B&Rs internal security analysis in the product versions listed as affected in this advisory. An attacker who successfully exploited this vulnerability could cause the product to stop. 2. MITIGATING FACTORS Deactivate the...
ABB B&R Automation Runtime
SUMMARY An update is available that resolves a vulnerability identified by B&Rs internal security analysis in the product versions listed as affected in this advisory. An attacker who successfully exploited these vulnerabilities could take over a remote session or execute code in the context of...
B&R Automation Runtime 安全漏洞
B&R Automation Runtime is an automation runtime from B&R Automation. A security vulnerability exists in B&R Automation Runtime versions prior to 6.4, which stems from the presence of reflective cross-site scripting in System Diagnostics Manager that could lead to the execution of arbitrary...
B&R Automation Runtime 安全漏洞
B&R Automation Runtime is an automation runtime from B&R Automation. A security vulnerability exists in B&R Automation Runtime versions prior to 6.4 that stems from the SDM component's generation of predictable numbers or identifiers, which could lead to an unauthenticated cyber attacker taking...
B&R Automation Runtime 安全漏洞
B&R Automation Runtime is an automation runtime from B&R Automation. A security vulnerability exists in B&R Automation Runtime versions prior to 6.3 and prior to Q4.93 that stems from improper resource locking of the SDM component, which could lead to a denial of service...
PT-2025-41144
Name of the Vulnerable Software and Affected Versions B Industrial Automation Automation Runtime versions prior to 6.4 Description An issue exists in B Industrial Automation Automation Runtime that allows for improper neutralization of input during web page generation, potentially leading to...
PT-2025-41146
Name of the Vulnerable Software and Affected Versions B&R Industrial Automation Automation Runtime versions 6.0 through 6.3, before Q4.93 Description An improper resource locking issue exists in B&R Industrial Automation Automation Runtime. This can lead to a denial-of-service DoS condition. The...
PT-2025-41145
Name of the Vulnerable Software and Affected Versions B Industrial Automation Automation Runtime versions 6.0 through 6.4 Description A flaw exists in the generation of numbers or identifiers within B Industrial Automation Automation Runtime. This issue could potentially compromise the security o...
EUVD-2024-46948
Malicious code in bioql PyPI...
EUVD-2024-46949
Malicious code in bioql PyPI...