[Control systems] B&R Industrial Automation security advisory

From: Canadian Centre for Cyber Security

Number: AV21-601
Date: 30 November 2021

On 30 November 2021 B&R Industrial Automation published Security Advisories to address vulnerabilities in the following products:

  • TCP/IP stack in:
    • Vision cameras – multiple models and versions
    • Safe Logic – multiple models and versions
    • Bus Controllers – multiple models and versions
    • Motion components – multiple models and versions
  • B&R Automation Studio – versions 4.6.x and prior, 4.7.6 and prior, 4.8.5 and prior and 4.9.3 and prior.
  • B&R Automation NET/PVI - versions 4.6.x and prior, 4.7.6 and prior, 4.8.5 and prior and 4.9.3 and prior.

Exploitation of these vulnerabilities could lead to session hijacking or privilege escalation.

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates, once available.

Number:Jack Cyber Security Advisory (#13/2021)
https://www.br-automation.com/downloads_br_productcatalogue/assets/1636745459972-en-original-1.0.pdf

B&R Automation Studio/NET/PVI Cyber Security Advisory (#14/2021)
https://www.br-automation.com/downloads_br_productcatalogue/assets/1636745459964-en-original-1.0.pdf

 

Report a problem on this page

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Please select all that apply:

Thank you for your help!

You will not receive a reply. For enquiries, please contact us.

Date modified: