PT-2020-10277 · B&R Industrial Automation · Aprol
Published
2020-11-27
·
Updated
2021-07-21
·
CVE-2019-19874
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
B&R Industrial Automation APROL versions prior to R4.2 V7.08
Description
An issue was discovered in the web interface of the affected software, where some web scripts allowed injection and execution of arbitrary unintended commands on the web server.
Recommendations
For versions prior to R4.2 V7.08, update to version R4.2 V7.08 or later to resolve the issue.
Fix
Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Aprol