CISA has published an advisory on an improper authorization vulnerability in B&R Industrial Automation Automation Studio and Automation Runtime. Multiple versions of both products are affected. Successful exploitation of this vulnerability may allow a remote attacker to modify the configuration of affected devices. B&R reports product-technical reasons disallow the changing of SNMP credentials. To reduce risk from this vulnerability, the following Automation Studio versions disable the SNMP service by default in newly created AS projects. B&R recommends that affected users evaluate their need for the SNMP service and disable it if possible. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.
You are here
Related Resources
May 22, 2025 in Cybersecurity, in Security Preparedness
May 22, 2025 in Cybersecurity, in Federal & State Resources, in Security Preparedness
May 22, 2025 in Cybersecurity, in Federal & State Resources, in Security Preparedness