Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 3 |
CVE-ID | CVE-2019-19100 CVE-2019-19101 CVE-2019-19102 |
CWE-ID | CWE-264 CWE-325 CWE-22 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
Automation Studio Other software / Other software solutions |
Vendor | B&R Industrial Automation GmbH |
This security bulletin contains information about 3 vulnerabilities.
EUVDB-ID: #VU26604
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2019-19100
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper permission checks in the upgrade service. A local user can delete arbitrary files via an exposed interface.
This vulnerability affects the following versions:
Install updates from vendor's website.
Vulnerable software versionsAutomation Studio: before 4.8.1
http://ics-cert.us-cert.gov/advisories/icsa-20-093-01
http://www.br-automation.com/en-gb/service/cyber-security/
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
EUVDB-ID: #VU26605
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2019-19101
CWE-ID:
CWE-325 - Missing Required Cryptographic Step
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a man-in-the-middle (MitM) attack.
The vulnerability exists due to the missing secure communication definition and an incomplete TLS validation in the upgrade service. A remote attacker can perform MitM attacks via the B&R upgrade server.
This vulnerability affects the following versions:
Install updates from vendor's website.
Vulnerable software versionsAutomation Studio: before 4.8.1
http://ics-cert.us-cert.gov/advisories/icsa-20-093-01
http://www.br-automation.com/en-gb/service/cyber-security/
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
EUVDB-ID: #VU26606
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2019-19102
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences in SharpZipLib used in the upgrade service. A local attacker can send a specially crafted HTTP request and read arbitrary files on the system.
This vulnerability affects the following versions:
Install update from vendor's website.
Vulnerable software versionsAutomation Studio: before 4.8.1
http://ics-cert.us-cert.gov/advisories/icsa-20-093-01
http://www.br-automation.com/en-gb/service/cyber-security/
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?