Automation Studio Security Vulnerabilities and Issues — Automation Studio CVE List

Lucene search

Br-automationAutomation Studio

4 matches found

CVE•added 2020/04/29 3:15 a.m.•86 views

CVE-2019-19102

A directory traversal vulnerability in SharpZipLib used in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x and 4.2.x allow unauthenticated users to write to certain local directories. The vulnerability is also known as zip slip.

7.5CVSS6.4AI score0.00699EPSS

CVE•added 2020/04/29 3:15 a.m.•80 views

CVE-2019-19100

A privilege escalation vulnerability in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x, 4.2.x, < 4.3.11SP, < 4.4.9SP, < 4.5.4SP, <. 4.6.3SP, < 4.7.2 and

7.5CVSS7.1AI score0.0004EPSS

CVE•added 2020/04/29 3:15 a.m.•77 views

CVE-2019-19101

A missing secure communication definition and an incomplete TLS validation in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x, 4.2.x, < 4.3.11SP, < 4.4.9SP, < 4.5.5SP, < 4.6.4 and

6.5CVSS6.2AI score0.00101EPSS

CVE•added 2020/04/20 10:15 p.m.•44 views

CVE-2019-19108

An authentication weakness in the SNMP service in B&R Automation Runtime versions 2.96, 3.00, 3.01, 3.06 to 3.10, 4.00 to 4.63, 4.72 and above allows unauthenticated users to modify the configuration of B&R products via SNMP.

9.4CVSS9.5AI score0.00572EPSS