Lucene search
K

92 matches found

vulnrichment
vulnrichment
added 2025/10/07 6:21 p.m.3 views

CVE-2025-3449 Weak Session Token used in Automation Runtime SDM

A Generation of Predictable Numbers or Identifiers vulnerability in the SDM component of B&R Automation Runtime versions before 6.4 may allow an unauthenticated network-based attacker to take over already established sessions...

4.2CVSS6.6AI score0.00184EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/10/07 6:21 p.m.3 views

CVE-2025-3448 XSS on SDM

Reflected cross-site scripting XSS vulnerabilities exist in System Diagnostics Manager SDM of B&R Automation Runtime versions before 6.4 that enables a remote attacker to execute arbitrary JavaScript code in the context of the attacked user’s browser session...

6.1CVSS6AI score0.00251EPSS
Exploits0References1
euvd
euvd
added 2025/10/07 6:21 p.m.6 views

EUVD-2025-32883

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in B&R Industrial Automation Automation Runtime.This issue affects Automation Runtime: from 6.0 before 6.4...

6.1CVSS6AI score0.00251EPSS
Exploits0References1
cvelist
cvelist
added 2025/10/07 6:21 p.m.10 views

CVE-2025-3448 XSS on SDM

Reflected cross-site scripting XSS vulnerabilities exist in System Diagnostics Manager SDM of B&R Automation Runtime versions before 6.4 that enables a remote attacker to execute arbitrary JavaScript code in the context of the attacked user’s browser session...

6.1CVSS0.00251EPSS
Exploits0References1
cve
cve
added 2025/10/07 6:21 p.m.12 views

CVE-2025-3448

CVE-2025-3448 describes a reflected cross-site scripting (XSS) in the System Diagnostics Manager (SDM) of B&R Automation Runtime, prior to 6.4 . The vulnerability allows a remote attacker to cause the affected user’s browser to execute arbitrary JavaScript, via crafted input during web page gener...

6.1CVSS6AI score0.00251EPSS
Exploits0References1
nvd
nvd
added 2025/10/07 6:15 p.m.6 views

CVE-2025-3450

An Improper Resource Locking vulnerability in the SDM component of B&R Automation Runtime versions before 6.3 and before Q4.93 may allow an unauthenticated network-based attacker to delete data causing denial of service conditions...

10CVSS0.0026EPSS
Exploits0References1
euvd
euvd
added 2025/10/07 6:3 p.m.6 views

EUVD-2025-32721

Improper Resource Locking vulnerability in B&R Industrial Automation Automation Runtime.This issue affects Automation Runtime: from 6.0 before 6.3, before Q4.93...

10CVSS6.5AI score0.0026EPSS
Exploits0References2
cve
cve
added 2025/10/07 6:3 p.m.13 views

CVE-2025-3450

CVE-2025-3450 describes an Improper Resource Locking vulnerability in the SDM component of B&R Automation Runtime . Affected versions are before 6.3 and before Q4.93, where an unauthenticated, network-based attacker could delete data, leading to denial of service. The issue stems from resource lo...

10CVSS6.5AI score0.0026EPSS
Exploits0References1
cvelist
cvelist
added 2025/10/07 6:3 p.m.12 views

CVE-2025-3450 Automation Runtime SDM requests may impact system

An Improper Resource Locking vulnerability in the SDM component of B&R Automation Runtime versions before 6.3 and before Q4.93 may allow an unauthenticated network-based attacker to delete data causing denial of service conditions...

10CVSS0.0026EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/10/07 6:3 p.m.4 views

CVE-2025-3450 Automation Runtime SDM requests may impact system

An Improper Resource Locking vulnerability in the SDM component of B&R Automation Runtime versions before 6.3 and before Q4.93 may allow an unauthenticated network-based attacker to delete data causing denial of service conditions...

10CVSS6.5AI score0.0026EPSS
Exploits0References1
ics
ics
added 2025/10/07 12:30 a.m.9 views

ABB B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM)

SUMMARY An update is available that resolves a vulnerability identified by B&Rs internal security analysis in the product versions listed as affected in this advisory. An attacker who successfully exploited this vulnerability could cause the product to stop. 2. MITIGATING FACTORS Deactivate the...

10CVSS5.8AI score0.0026EPSS
Exploits0References10
ics
ics
added 2025/10/07 12:30 a.m.10 views

ABB B&R Automation Runtime

SUMMARY An update is available that resolves a vulnerability identified by B&Rs internal security analysis in the product versions listed as affected in this advisory. An attacker who successfully exploited these vulnerabilities could take over a remote session or execute code in the context of...

6.1CVSS6AI score0.00251EPSS
Exploits0References10
cnnvd
cnnvd
added 2025/10/07 12:0 a.m.3 views

B&R Automation Runtime 安全漏洞

B&R Automation Runtime is an automation runtime from B&R Automation. A security vulnerability exists in B&R Automation Runtime versions prior to 6.4, which stems from the presence of reflective cross-site scripting in System Diagnostics Manager that could lead to the execution of arbitrary...

6.1CVSS6.2AI score0.00251EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/10/07 12:0 a.m.3 views

B&R Automation Runtime 安全漏洞

B&R Automation Runtime is an automation runtime from B&R Automation. A security vulnerability exists in B&R Automation Runtime versions prior to 6.4 that stems from the SDM component's generation of predictable numbers or identifiers, which could lead to an unauthenticated cyber attacker taking...

4.2CVSS6.8AI score0.00184EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/10/07 12:0 a.m.4 views

B&R Automation Runtime 安全漏洞

B&R Automation Runtime is an automation runtime from B&R Automation. A security vulnerability exists in B&R Automation Runtime versions prior to 6.3 and prior to Q4.93 that stems from improper resource locking of the SDM component, which could lead to a denial of service...

10CVSS6.6AI score0.0026EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/10/07 12:0 a.m.6 views

PT-2025-41144

Name of the Vulnerable Software and Affected Versions B Industrial Automation Automation Runtime versions prior to 6.4 Description An issue exists in B Industrial Automation Automation Runtime that allows for improper neutralization of input during web page generation, potentially leading to...

6.1CVSS6.3AI score0.00251EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2025/10/07 12:0 a.m.5 views

PT-2025-41146

Name of the Vulnerable Software and Affected Versions B&R Industrial Automation Automation Runtime versions 6.0 through 6.3, before Q4.93 Description An improper resource locking issue exists in B&R Industrial Automation Automation Runtime. This can lead to a denial-of-service DoS condition. The...

10CVSS5.8AI score0.0026EPSS
Exploits0References9
ptsecurity
ptsecurity
added 2025/10/07 12:0 a.m.7 views

PT-2025-41145

Name of the Vulnerable Software and Affected Versions B Industrial Automation Automation Runtime versions 6.0 through 6.4 Description A flaw exists in the generation of numbers or identifiers within B Industrial Automation Automation Runtime. This issue could potentially compromise the security o...

4.2CVSS6.4AI score0.00184EPSS
Exploits0References4
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-46948

Malicious code in bioql PyPI...

8.3CVSS6.6AI score0.00252EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-46949

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00251EPSS
Exploits0References1
Rows per page
Query Builder