Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2024-0220
HistoryFeb 22, 2024 - 11:15 a.m.

Code injection

2024-02-2211:15:00
PRIOn knowledge base
www.prio-n.com
3
code injection
inadequate encryption
sensitive data transmission
software version
network-based attack

8.4 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%

JSON

B&R Automation Studio Upgrade Service and B&R Technology Guarding use insufficient cryptography for communication to the upgrade and the licensing servers. A network-based attacker could exploit the vulnerability to execute arbitrary code on the products or sniff sensitive data.

Missing Encryption of Sensitive Data, Cleartext Transmission of Sensitive Information, Improper Control of Generation of Code (β€˜Code Injection’), Inadequate Encryption Strength vulnerability in B&R Industrial Automation B&R Automation Studio (Upgrade Service modules), B&R Industrial Automation Technology Guarding.This issue affects B&R Automation Studio: <4.6; Technology Guarding: <1.4.0.

Related

cvelist 1
cve 1
nvd 1
cvelist
cvelist
CVE-2024-0220 B&R products use insufficient communication encryption
2024-02-22 10:15:44
cve
cve
CVE-2024-0220
2024-02-22 11:15:08
nvd
nvd
CVE-2024-0220
2024-02-22 11:15:08

8.4 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%

JSON
Related for PRION:CVE-2024-0220
cvelist1cve1nvd1