PT-2026-5305 · Br Automation · B&R Pvi Client
Published
2026-01-29
·
Updated
2026-05-06
·
CVE-2026-0936
CVSS v3.1
5.0
Medium
| Vector | AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
B&R PVI client versions prior to 6.5
Description
An issue exists in B&R PVI client where an authenticated local attacker may be able to gather credential information. This occurs through the insertion of sensitive information into log files. The logging function is disabled by default and requires explicit user enablement.
Recommendations
Update B&R PVI client to version 6.5 or later.
Fix
Insertion into Log File
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
B&R Pvi Client