CVE-2024-45481

Summary

An Incomplete Filtering of Special Elements vulnerability in scripts using the SSH server on B&R APROL <4.4-00P5 may allow an authenticated local attacker to authenticate as another legitimate user.

Affected Software

VendorProductVersion RangeStatus
B&R Industrial AutomationB&R APROLR4.4 < 4.4-00P5affected

Weaknesses

  • CWE-791: CWE-791: Incomplete Filtering of Special Elements

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References