A missing secure communication definition and an incomplete TLS validation in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x, 4.2.x, < 4.3.11SP, < 4.4.9SP, < 4.5.5SP, < 4.6.4 and < 4.7.2 enable unauthenticated users to perform MITM attacks via the B&R upgrade server.
The product does not validate, or incorrectly validates, a certificate.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Automation_studio | Br-automation | 4.0 (including) | 4.0.29.87 (including) |
| Automation_studio | Br-automation | 4.1 (including) | 4.1.17.113 (including) |
| Automation_studio | Br-automation | 4.2 (including) | 4.2.14.119 (including) |
| Automation_studio | Br-automation | 4.3 (including) | 4.3.11 (excluding) |
| Automation_studio | Br-automation | 4.4 (including) | 4.4.9 (excluding) |
| Automation_studio | Br-automation | 4.5 (including) | 4.5.5 (excluding) |
| Automation_studio | Br-automation | 4.6 (including) | 4.6.4 (excluding) |
| Automation_studio | Br-automation | 4.7 (including) | 4.7.2 (excluding) |