Filtered by vendor Br-automation
Subscribe
Search
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-19872 | 1 Br-automation | 1 Industrial Automation Aprol | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. The AprolLoader could be used to inject and execute arbitrary unintended commands via an unspecified attack scenario, a different vulnerability than CVE-2019-16364. | |||||
| CVE-2019-19874 | 1 Br-automation | 1 Industrial Automation Aprol | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. Some web scripts in the web interface allowed injection and execution of arbitrary unintended commands on the web server, a different vulnerability than CVE-2019-16364. | |||||
| CVE-2019-19875 | 1 Br-automation | 1 Industrial Automation Aprol | 2020-12-03 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. Arbitrary commands could be injected (using Python scripts) via the AprolCluster script that is invoked via sudo and thus executes with root privileges, a different vulnerability than CVE-2019-16364. | |||||
| CVE-2019-19876 | 1 Br-automation | 1 Industrial Automation Aprol | 2020-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. An EnMon PHP script was vulnerable to SQL injection, a different vulnerability than CVE-2019-10006. | |||||
| CVE-2019-19108 | 1 Br-automation | 2 Automation Runtime, Automation Studio | 2020-04-29 | 7.5 HIGH | 9.4 CRITICAL |
| An authentication weakness in the SNMP service in B&R Automation Runtime versions 2.96, 3.00, 3.01, 3.06 to 3.10, 4.00 to 4.63, 4.72 and above allows unauthenticated users to modify the configuration of B&R products via SNMP. | |||||