Primary

Context

B&R APROL Code Injection Vulnerability in AprolCreateReport Component Allowing File Read

Vulnerability

A code injection vulnerability has been identified in the AprolCreateReport component of B&R APROL versions prior to 4.4-00P5. This vulnerability allows an unauthenticated network-based attacker to read files from the local system.

Impact

Exploitation of this vulnerability could lead to unauthorized file access on the local system.

Remediation

Users are advised to upgrade to B&R APROL version 4.4-01 or version 4.4-00P5 or later. After applying the update, it is recommended to change all passwords and secrets, as some vulnerabilities may have compromised credential confidentiality.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

B&R APROL Code Injection Vulnerability in AprolCreateReport Component Allowing File Read

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating