Browse all 29 CVE security advisories affecting B&R Industrial Automation. AI-powered Chinese analysis, POCs, and references for each vulnerability.
B&R Industrial Automation specializes in industrial automation technology, providing hardware and software solutions for machine building and factory automation. The company’s product portfolio, which includes programmable logic controllers and drive systems, has been associated with 29 recorded Common Vulnerabilities and Exposures (CVEs). Historically, these security flaws predominantly involve remote code execution and buffer overflow vulnerabilities, often stemming from insufficient input validation in network-facing services. While specific high-profile breaches are not widely publicized, the concentration of critical severity ratings indicates systemic weaknesses in legacy protocol implementations and default configuration settings. These issues pose significant risks to operational technology environments, potentially allowing unauthorized control over industrial processes. The profile suggests a need for rigorous patch management and network segmentation to mitigate the impact of these persistent software defects within critical infrastructure deployments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-3450 | Automation Runtime SDM requests may impact system — Automation RuntimeCWE-413 | 10.0 | Critical | 2025-10-07 |
| CVE-2024-8603 | B&R Automation Runtime 加密问题漏洞 — Automation RuntimeCWE-327 | 7.5 | High | 2025-01-15 |
| CVE-2024-5801 | IP Forwarding enabled in B&R Automation Runtime — Automation RuntimeCWE-1188 | 7.5AI | HighAI | 2024-08-10 |
| CVE-2024-5800 | Diffie-Hellman groups with insufficient strength used in SSL/TLS stack of B&R Automation Runtime — Automation RuntimeCWE-326 | 7.5AI | HighAI | 2024-08-10 |
| CVE-2023-6028 | SDM Web interface vulnerable to XSS — Automation RuntimeCWE-79 | 6.1 | Medium | 2024-02-05 |
| CVE-2024-0323 | FTP uses unsecure encryption mechanisms — Automation RuntimeCWE-1240 | 9.8 | Critical | 2024-02-05 |
This page lists every published CVE security advisory associated with B&R Industrial Automation. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.