CVE-2024-8603

Name of the Vulnerable Software and Affected Versions B&R Automation Runtime versions prior to 6.1 B&R mapp View versions prior to 6.1

Description A "Use of a Broken or Risky Cryptographic Algorithm" issue in the SSL/TLS component may be exploited by unauthenticated network-based attackers to masquerade as services on impacted devices. This issue is being actively exploited.

Recommendations For B&R Automation Runtime versions prior to 6.1, update to version 6.1 or later to resolve the issue. For B&R mapp View versions prior to 6.1, update to version 6.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the SSL/TLS component until a patch is available.