Skip to main content

Industrial Automation Aprol

3 CVEs product

Monthly

CVE-2024-5624 MEDIUM This Month

Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B&R APROL <= R 4.4-00P3 may allow a network-based attacker to execute arbitrary JavaScript code in the context of the user's. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Industrial Automation Aprol
NVD
CVSS 4.0
5.1
EPSS
0.2%
CVE-2024-5623 MEDIUM This Month

An untrusted search path vulnerability in B&R APROL <= R 4.4-00P3 may be used by an authenticated local attacker to get other users to execute arbitrary code under their privileges. Rated medium severity (CVSS 5.4), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Industrial Automation Aprol
NVD
CVSS 4.0
5.4
EPSS
0.2%
CVE-2024-5622 HIGH This Week

An untrusted search path vulnerability in the AprolConfigureCCServices of B&R APROL <= R 4.2.-07P3 and <= R 4.4-00P3 may allow an authenticated local attacker to execute arbitrary code with elevated. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Industrial Automation Aprol
NVD
CVSS 4.0
7.3
EPSS
0.2%
EPSS 0% CVSS 5.1
MEDIUM This Month

Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B&R APROL <= R 4.4-00P3 may allow a network-based attacker to execute arbitrary JavaScript code in the context of the user's. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Industrial Automation Aprol
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

An untrusted search path vulnerability in B&R APROL <= R 4.4-00P3 may be used by an authenticated local attacker to get other users to execute arbitrary code under their privileges. Rated medium severity (CVSS 5.4), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Industrial Automation Aprol
NVD
EPSS 0% CVSS 7.3
HIGH This Week

An untrusted search path vulnerability in the AprolConfigureCCServices of B&R APROL <= R 4.2.-07P3 and <= R 4.4-00P3 may allow an authenticated local attacker to execute arbitrary code with elevated. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Industrial Automation Aprol
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy