PT-2024-10875 · B&R · Automation Studio
Published
2024-05-14
·
Updated
2024-08-01
·
CVE-2021-22280
CVSS v3.1
7.2
High
| Vector | AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
B&R Automation Studio versions 4.0 through 4.11
Description
The issue is related to improper DLL loading algorithms, which may allow an authenticated local attacker to execute code in the context of the product with elevated privileges.
Recommendations
For B&R Automation Studio versions 4.0 through 4.11, update to version 4.12 or later to resolve the issue.
Fix
RCE
Uncontrolled Search Path Element
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Automation Studio