You are here

B&R Automation SiteManager and GateManager (ICSA-20-273-03) – Products Used in the Energy Sector

B&R Automation SiteManager and GateManager (ICSA-20-273-03) – Products Used in the Energy Sector

Created: Tuesday, September 29, 2020 - 15:43
Categories:
Cyber Security

CISA has published an advisory on path traversal, uncontrolled resource consumption, information exposure, improper authentication, and information disclosure vulnerabilities in B&R Automation SiteManager and GateManager. Numerous versions of these products are affected. Successful exploitation of these vulnerabilities could allow for arbitrary information disclosure, manipulation, and a denial-of-service condition. B&R Industrial Automation reports the vulnerabilities have been fixed in other versions. CISA also recommends a series of measures to mitigate the vulnerabilities. Read the advisory at CISA.