B&R APROL versions < R 4.2-07 doesn’t process correctly specially formatted data packages sent to port 55502/tcp, which may allow a network based attacker to cause an application Denial-of-Service.
The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Industrial_automation_aprol | Br-automation | * | r4.2-07 (excluding) |