CVE-2024-8313

Name of the Vulnerable Software and Affected Versions B&R APROL versions prior to 4.4-00P5

Description The issue allows an unauthenticated adjacent-based attacker to read and alter configuration using SNMP, due to an Exposure of Sensitive System Information to an Unauthorized Control Sphere and Initialization of a Resource with an Insecure Default vulnerability in the SNMP component.

Recommendations For versions prior to 4.4-00P5, update to version 4.4-00P5 or later to resolve the issue. As a temporary workaround, consider restricting access to the SNMP component to minimize the risk of exploitation.