Lucene search
HistoryFeb 02, 2024 - 7:15 a.m.
CVE-2021-22282
cve-2021-22282
b&r industrial automation
automation studio
code injection
local execution
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
22.7%
Improper Control of Generation of Code (‘Code Injection’) vulnerability in B&R Industrial Automation Automation Studio allows Local Execution of Code.This issue affects Automation Studio: from 4.0 through 4.12.
Affected configurations
Node
br-automationautomation_studioRange4.0–4.12
| Vendor | Product | Version | CPE |
|---|---|---|---|
| br-automation | automation_studio | * | cpe:2.3:a:br-automation:automation_studio:*:*:*:*:*:*:*:* |
Related
prion
prion
Code injection
2024-02-02 07:15:00
cvelist
cvelist
CVE-2021-22282 RCE in B&R Automation Studio with crafted project files
2024-02-02 06:38:32
cve
cve
CVE-2021-22282
2024-02-02 07:15:08
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
22.7%
Related for NVD:CVE-2021-22282