CVE-2020-11637

Summary

A memory leak in the TFTP service in B&R Automation Runtime versions <N4.26, <N4.34, <F4.45, <E4.53, <D4.63, <A4.73 and prior could allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition.

Affected Software

VendorProductVersion RangeStatus
B&RAutomation Runtimeunspecified <= 4.1xaffected
B&RAutomation Runtime4.2x < N4.26affected
B&RAutomation Runtime4.3x < N4.34affected
B&RAutomation Runtime4.4x < F4.45affected
B&RAutomation Runtime4.5x < E4.53affected
B&RAutomation Runtime4.6x < D4.63affected
B&RAutomation Runtime4.7x < A4.73affected

Weaknesses

  • CWE-401: CWE-401 Improper Release of Memory Before Removing Last Reference

ADP Enrichment

CVE Program Container

Additional References

References