B&R Industrial Automation GmbH — Vulnerabilities & Security Advisories 16

Browse all 16 CVE security advisories affecting B&R Industrial Automation GmbH. AI-powered Chinese analysis, POCs, and references for each vulnerability.

B&R Industrial Automation GmbH specializes in industrial automation solutions, including PLCs, HMIs, and motion control systems for manufacturing and process industries. Historically, their products have faced vulnerabilities such as remote code execution, cross-site scripting, and privilege escalation, often stemming from inadequate input validation and default credentials. While no major public incidents have been widely documented, the 16 CVEs on record highlight persistent security challenges in their web interfaces and communication protocols. Their systems' critical infrastructure role makes them attractive targets, necessitating robust patch management and network segmentation to mitigate exploitation risks in industrial environments.

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2026-0936 | Insertion of Sensitive Information into Logfile — Process Visualization Interface (PVI) | CWE-532 | 5.0 | Medium | 2026-01-29 |
| CVE-2025-11044 | Vulnerability on Automation Runtime may cause DoS Conditions — Automation Runtime | CWE-770 | 6.8 | Medium | 2026-01-19 |
| CVE-2025-11043 | Improper Server Certificate Validation in Automation Studio — B&R Automation Studio | CWE-295 | 7.4 | High | 2026-01-19 |
| CVE-2025-11498 | CSV Formula Injection Vulnerability — Automation Runtime | CWE-1236 | 6.1 | Medium | 2025-10-14 |
| CVE-2025-3449 | Weak Session Token used in Automation Runtime SDM — Automation Runtime | CWE-340 | 4.2 | Medium | 2025-10-07 |
| CVE-2025-3448 | XSS on SDM — Automation Runtime | CWE-79 | 6.1 | Medium | 2025-10-07 |
| CVE-2024-10210 | Path traversal in APROL Web Portal — APROL | CWE-73 | 6.5 (AI) | Medium (AI) | 2025-03-25 |
| CVE-2024-45484 | Enabled ICMP redirection in B&R APROL — APROL | CWE-770 | 6.5 (AI) | Medium (AI) | 2025-03-25 |
| CVE-2024-45483 | Missing GRUB password in B&R APROL — APROL | CWE-306 | 6.1 (AI) | Medium (AI) | 2025-03-25 |
| CVE-2024-10209 | Incorrect Permission Assignment in APROL file system — APROL | CWE-732 | 7.1 (AI) | High (AI) | 2025-03-25 |
| CVE-2024-10208 | Cross Site Scripting vulnerability in APROL Web Portal — APROL | CWE-79 | 5.4 (AI) | Medium (AI) | 2025-03-25 |
| CVE-2024-10207 | Server-Side Request Forgery (authenticated) in APROL Web Portal — APROL | CWE-918 | 7.1 (AI) | High (AI) | 2025-03-25 |
| CVE-2024-10206 | Server-Side Request Forgery (unauthenticated) in APROL Web Portal — APROL | CWE-918 | 8.2 (AI) | High (AI) | 2025-03-25 |
| CVE-2024-8314 | Improper session handling in B&R APROL — APROL | CWE-303 | 8.8 (AI) | High (AI) | 2025-03-25 |
| CVE-2024-8313 | Default or Guessable SNMP community names in B&R APROL — APROL | CWE-497 | 8.8 (AI) | High (AI) | 2025-03-25 |
| CVE-2024-10490 | Authentication bypass flaw in several mapp components — B&R mapp Cockpit | CWE-288 | 9.8 | - | 2024-12-02 |

This page lists every published CVE security advisory associated with B&R Industrial Automation GmbH. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.