CVE-2021-22275

Summary

Buffer Overflow vulnerability in B&R Automation Runtime webserver allows an unauthenticated network-based attacker to stop the cyclic program on the device and cause a denial of service.

Affected Software

VendorProductVersion RangeStatus
B&R AutomationAutomation Runtime webserverunspecified < 4.91affected

Weaknesses

  • CWE-120: CWE-120 Buffer Overflow

Workarounds

B&R recommends the following specific workarounds and mitigations: The access to the Automation Runtime webserver should be restricted to legitimate network partners, using e.g. a sufficient Firewall setup and robust network segmentation. B&R recommends deactivating Automation Runtime webserver when not needed.

ADP Enrichment

CVE Program Container

Additional References

References