PT-2025-12729 · B&R · B&R Aprol

Published

2025-03-24

Updated

2025-03-25

CVE-2024-45481

CVSS v4.0

8.5

High

Vector

AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions B&R APROL versions prior to 4.4-00P5

Description The issue is related to an Incomplete Filtering of Special Elements vulnerability in scripts using the SSH server, which may allow an authenticated local attacker to authenticate as another legitimate user.

Recommendations For versions prior to 4.4-00P5, update to version 4.4-00P5 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-791

Related Identifiers

BDU:2025-05898

CVE-2024-45481

Affected Products

B&R Aprol

PT-2025-12729 · B&R · B&R Aprol

CVE-2024-45481

Weakness Enumeration

Related Identifiers

Affected Products

References · 7