Br-Automation: >> Industrial Automation Aprol >> r4.2-07p3 Security Vulnerabilities
An untrusted search path vulnerability in the AprolConfigureCCServices of B&R APROL <= R 4.2.-07P3 and <= R 4.4-00P3 may allow an authenticated local attacker to execute arbitrary code with elevated privileges.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-08-29
An untrusted search path vulnerability in B&R APROL <= R 4.4-00P3 may be used by an authenticated local attacker to get other users to execute arbitrary code under their privileges.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-08-29
Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B&R APROL <= R 4.4-00P3 may allow a network-based attacker to execute arbitrary JavaScript code in the context of the user's browser session
CVSS Score
6.1
EPSS Score
0.002
Published
2024-08-29