Ppt30 Operating System
Monthly
Denial of service in B&R Industrial Automation PPT30 Operating System versions before 1.8.0 allows unauthenticated network attackers to permanently disable the OPC-UA Server through resource exhaustion. The flaw stems from missing throttling on resource allocation (CWE-770) and carries a CVSS 4.0 score of 8.7 due to high availability impact via the network with no privileges or user interaction. EPSS is low at 0.04% and no public exploit has been identified at time of analysis, though SSVC marks the issue as automatable with partial technical impact.
Denial of service in B&R Industrial Automation PPT30 Operating System versions before 1.8.0 allows unauthenticated network attackers to permanently disable the OPC-UA Server through resource exhaustion. The flaw stems from missing throttling on resource allocation (CWE-770) and carries a CVSS 4.0 score of 8.7 due to high availability impact via the network with no privileges or user interaction. EPSS is low at 0.04% and no public exploit has been identified at time of analysis, though SSVC marks the issue as automatable with partial technical impact.