PT-2020-10275 · B&R Industrial Automation · Aprol

Published

2020-11-27

Updated

2021-07-21

CVE-2019-19872

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions B&R Industrial Automation APROL versions prior to R4.2 V7.08

Description An issue was discovered that allows the injection and execution of arbitrary unintended commands via an unspecified attack scenario.

Recommendations For versions prior to R4.2 V7.08, update to version R4.2 V7.08 or later to resolve the issue.

Fix

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

CVE-2019-19872

Aprol