Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

B&R — Vulnerabilities & Security Advisories 11

Browse all 11 CVE security advisories affecting B&R. AI-powered Chinese analysis, POCs, and references for each vulnerability.

B&R specializes in industrial automation and control systems, serving manufacturing and process industries. Historically, their products have faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from insufficient input validation and insecure default configurations. While no major public security incidents have been widely documented, the 11 CVEs on record highlight persistent security challenges in their web interfaces and communication protocols. Their systems' critical infrastructure role makes such vulnerabilities particularly concerning, as exploitation could lead to operational disruption or safety risks in industrial environments.

Top products by B&R: GateManager Automation Studio Automation Runtime SiteManager
CVE IDTitleCVSSSeverityPublished
CVE-2020-11637 Automation Runtime TFTP Service DoS Vulnerability — Automation RuntimeCWE-401 5.8 Medium2020-10-15
CVE-2020-11646 GateManager Log Information Disclosure Vulnerability — GateManagerCWE-532 4.3 Medium2020-10-15
CVE-2020-11645 GateManager Denial of Service Vulnerability — GateManagerCWE-400 6.5 Medium2020-10-15
CVE-2020-11642 SiteManager Denial of Service via Local File Inclusion Vulnerability — SiteManagerCWE-552 7.7 High2020-10-15
CVE-2020-11641 SiteManager Local File Inclusion Vulnerability — SiteManagerCWE-552 7.7 High2020-10-15
CVE-2020-11644 GateManager Audit Message Spoofing Vulnerability — GateManagerCWE-117 6.5 Medium2020-10-15
CVE-2020-11643 GateManager Information Disclosure Vulnerability — GateManagerCWE-532 6.5 Medium2020-10-15
CVE-2019-19100 Privilege escalation via B&R Automation Studio upgrade service — Automation StudioCWE-264 7.5 High2020-04-29
CVE-2019-19102 Zip Slip vulnerability in 3rd-Party library in B&R Automation Studio upgrade service — Automation StudioCWE-22 5.5 Medium2020-04-29
CVE-2019-19101 Incomplete communication encryption and validation in B&R Automation Studio upgrade service — Automation StudioCWE-326 6.5 Medium2020-04-29
CVE-2019-19108 B&R Automation Runtime SNMP Authentication and Authorization Weakness — Automation RuntimeCWE-798 9.4 Critical2020-04-20

This page lists every published CVE security advisory associated with B&R. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.