CVE-2021-22275
8.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
Buffer Overflow vulnerability in B&R Automation Runtime webserver allows an unauthenticated network-based attacker to stop the cyclic program on the device and cause a denial of service.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| B&R Automation | Automation Runtime webserver | unspecified < 4.91 | affected |
Weaknesses
- CWE-120: CWE-120 Buffer Overflow
Workarounds
B&R recommends the following specific workarounds and mitigations: The access to the Automation Runtime webserver should be restricted to legitimate network partners, using e.g. a sufficient Firewall setup and robust network segmentation. B&R recommends deactivating Automation Runtime webserver when not needed.
ADP Enrichment
CVE Program Container
Additional References
- https://www.br-automation.com/downloads_br_productcatalogue/assets/1625405588264-en-original-1.0.pdf
References
- https://www.br-automation.com/downloads_br_productcatalogue/assets/1625405588264-en-original-1.0.pdf
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.