An Allocation of Resources Without Limits or Throttling vulnerability in the ANSL-Server component of B&R Automation Runtime versions prior to 6.5 and prior to R4.93 could be exploited by an unauthenti-cated attacker on the network to win a race condition, resulting in permanent denial-of-service (DoS) conditions on affected devices.
A missing secure communication definition and an incomplete TLS validation in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x, 4.2.x, < 4.3.11SP, < 4.4.9SP, < 4.5.5SP, < 4.6.4 and < 4.7.2 enable unauthenticated users to perform MITM attacks via the B&R upgrade server.
An Improper Neutralization of Formula Elements in a CSV File vulnerability exists in System Diagnostics Manager (SDM) of B&R Automation Runtime versions before 6.4 enabling a remote attacker to inject formula data into a generated CSV file. The exploitation of this vulnerability requires the attacker to create a malicious link. The user would need to click on this link, after which the resulting CSV file addi-tionally needs to be manually opened.
Reflected cross-site scripting (XSS) vulnerabilities exist in System Diagnostics Manager (SDM) of B&R Automation Runtime versions before 6.4 that enables a remote attacker to execute arbitrary JavaScript code in the context of the attacked user’s browser session
A reflected cross-site scripting (XSS) vulnerability exists in the SVG version of System Diagnostics Manager of B&R Automation Runtime versions <= G4.93 that enables a remote attacker to execute arbitrary JavaScript code in the context of the attacked user’s browser session.
A reflected cross-site scripting (XSS) vulnerability exists in System Diagnostics Manager of B&R Automation Runtime versions >=3.00 and <=C4.93 that enables a remote attacker to execute arbitrary JavaScript in the context of the users browser session.
A memory leak in the TFTP service in B&R Automation Runtime versions <N4.26, <N4.34, <F4.45, <E4.53, <D4.63, <A4.73 and prior could allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition.
A directory traversal vulnerability in SharpZipLib used in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x and 4.2.x allow unauthenticated users to write to certain local directories. The vulnerability is also known as zip slip.
A Generation of Predictable Numbers or Identifiers vulnerability in the SDM component of B&R Automation Runtime versions before 6.4 may allow an unauthenticated network-based attacker to take over already established sessions.
| CVE ID ⇅ | Severity ↓ | Description | |
|---|---|---|---|
| CVE-2025-11044 | MEDIUM | An Allocation of Resources Without Limits or Throttling vulnerability in the ANSL-Server component o… | › |
| CVE-2019-19101 | MEDIUM | A missing secure communication definition and an incomplete TLS validation in the upgrade service in… | › |
| CVE-2025-11498 | MEDIUM | An Improper Neutralization of Formula Elements in a CSV File vulnerability exists in System Diagnost… | › |
| CVE-2025-3448 | MEDIUM | Reflected cross-site scripting (XSS) vulnerabilities exist in System Diagnostics Manager (SDM) of B&… | › |
| CVE-2023-6028 | MEDIUM | A reflected cross-site scripting (XSS) vulnerability exists in the SVG version of System Diagnostics… | › |
| CVE-2022-4286 | MEDIUM | A reflected cross-site scripting (XSS) vulnerability exists in System Diagnostics Manager of B&R Au… | › |
| CVE-2020-11637 | MEDIUM | A memory leak in the TFTP service in B&R Automation Runtime versions <N4.26, <N4.34, <F4.45, <E4.53,… | › |
| CVE-2019-19102 | MEDIUM | A directory traversal vulnerability in SharpZipLib used in the upgrade service in B&R Automation Stu… | › |
| CVE-2025-3449 | MEDIUM | A Generation of Predictable Numbers or Identifiers vulnerability in the SDM component of B&R Automat… | › |