CVE-2024-10209

Name of the Vulnerable Software and Affected Versions B&R APROL versions prior to 4.4-01

Description The issue is related to an Incorrect Permission Assignment for Critical Resource vulnerability in the file system used in B&R APROL. This vulnerability may allow an authenticated local attacker to read and alter the configuration of another engineering or runtime user.

Recommendations For versions prior to 4.4-01, update to version 4.4-01 or later to resolve the issue. As a temporary workaround, consider restricting access to the file system to minimize the risk of exploitation.