Lucene search
K

37 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:49 a.m.7 views

CVE-2021-22280

Improper DLL loading algorithms in B Automation Studio versions =4.0 and 4.12 may allow an authenticated local attacker to execute code in the context of the product...

7.2CVSS6.9AI score0.00166EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:49 a.m.10 views

CVE-2021-22289

Improper Input Validation vulnerability in the project upload mechanism in B Automation Studio version =4.0 may allow an unauthenticated network attacker to execute code...

9.8CVSS7.2AI score0.00648EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-8737

Malware in sbrugna...

7.5CVSS6.9AI score0.00262EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-8738

Malware in sbrugna...

6.5CVSS6AI score0.00515EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-8739

Malware in sbrugna...

7.5CVSS7.6AI score0.01246EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2021-9435

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00648EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2021-9427

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00376EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-9426

Malicious code in bioql PyPI...

7.2CVSS6.6AI score0.00166EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:8 a.m.7 views

CVE-2019-19101

A missing secure communication definition and an incomplete TLS validation in the upgrade service in B Automation Studio versions 4.0.x, 4.1.x, 4.2.x, 4.3.11SP, 4.4.9SP, 4.5.5SP, 4.6.4 and 4.7.2 enable unauthenticated users to perform MITM attacks via the B upgrade server...

6.5CVSS6.9AI score0.00515EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:24 a.m.10 views

CVE-2019-19102

A directory traversal vulnerability in SharpZipLib used in the upgrade service in B Automation Studio versions 4.0.x, 4.1.x and 4.2.x allow unauthenticated users to write to certain local directories. The vulnerability is also known as zip slip...

7.5CVSS6.9AI score0.01246EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 5:12 p.m.6 views

CVE-2019-19100

A privilege escalation vulnerability in the upgrade service in B Automation Studio versions 4.0.x, 4.1.x, 4.2.x, 4.3.11SP, 4.4.9SP, 4.5.4SP, . 4.6.3SP, 4.7.2 and 4.8.1 allow authenticated users to delete arbitrary files via an exposed interface...

7.5CVSS7AI score0.00262EPSS
Exploits0References1
NVD
NVD
added 2024/05/14 8:15 p.m.20 views

CVE-2021-22280

Improper DLL loading algorithms in B&R Automation Studio versions =4.0 and 4.12 may allow an authenticated local attacker to execute code in the context of the product...

7.2CVSS6.9AI score0.00166EPSS
Exploits0References1
CVE
CVE
added 2024/05/14 7:36 p.m.44 views

CVE-2021-22280

CVE-2021-22280 крат: B&R Automation Studio versions 4.0–4.11 suffer from improper DLL loading, enabling an authenticated local attacker to execute code in the product context. The issue is confirmed across multiple sources (PT-2024-10875, Red Hat/NVD records). Impact is local code execution with ...

7.2CVSS6.9AI score0.00166EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/22 10:15 a.m.11 views

CVE-2024-0220 B&R products use insufficient communication encryption

B&R Automation Studio Upgrade Service and B&R Technology Guarding use insufficient cryptography for communication to the upgrade and the licensing servers. A network-based attacker could exploit the vulnerability to execute arbitrary code on the products or sniff sensitive data...

8.3CVSS7.7AI score0.00364EPSS
Exploits0References1
CVE
CVE
added 2024/02/22 10:15 a.m.93 views

CVE-2024-0220

Affected software: B&R Automation Studio Upgrade Service and B&R Technology Guarding. Issue: insufficient cryptography in communications with upgrade and licensing servers, enabling a network attacker to potentially execute arbitrary code or sniff sensitive data. Root cause: cryptographic weaknes...

8.3CVSS8.6AI score0.00364EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2024/02/22 10:15 a.m.34 views

CVE-2024-0220 B&R products use insufficient communication encryption

B&R Automation Studio Upgrade Service and B&R Technology Guarding use insufficient cryptography for communication to the upgrade and the licensing servers. A network-based attacker could exploit the vulnerability to execute arbitrary code on the products or sniff sensitive data...

8.3CVSS8.7AI score0.00364EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/02/02 7:24 a.m.9 views

CVE-2021-22281 Zip Slip Vulnerability in B&R Automation Studio Project Import

: Relative Path Traversal vulnerability in B&R Industrial Automation Automation Studio allows Relative Path Traversal.This issue affects Automation Studio: from 4.0 through 4.12...

6.3CVSS6.9AI score0.00376EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/02 7:24 a.m.19 views

CVE-2021-22281 Zip Slip Vulnerability in B&R Automation Studio Project Import

: Relative Path Traversal vulnerability in B&R Industrial Automation Automation Studio allows Relative Path Traversal.This issue affects Automation Studio: from 4.0 through 4.12...

6.3CVSS7.8AI score0.00376EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/02/02 6:38 a.m.3 views

CVE-2021-22282 RCE in B&R Automation Studio with crafted project files

Improper Control of Generation of Code 'Code Injection' vulnerability in B&R Industrial Automation Automation Studio allows Local Execution of Code.This issue affects Automation Studio: from 4.0 through 4.12...

8.3CVSS7.5AI score0.00397EPSS
Exploits0References1
CVE
CVE
added 2024/02/02 6:38 a.m.25 views

CVE-2021-22282

The CVE-2021-22282 issue affects B&R Industrial Automation Automation Studio versions 4.0–4.12. The root cause is an improper control of code generation stemming from an improper copy algorithm in the project extraction component, which can enable local code execution. The impact is that an unaut...

8.3CVSS7.8AI score0.00397EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder