ABB B&R Automation Runtime
Summary
ABB B&R Automation Runtime versions prior to 6.4 are affected by multiple vulnerabilities. Successful exploitation could allow an attacker to take over remote sessions or execute code within a user's browser session. An update is available to address these issues.
IFF Assessment
This article summarizes vulnerabilities in ABB B&R Automation Runtime, a product deployed in industrial control environments. Because the flaws allow attackers to take over sessions and run code in a user's browser session, they pose a risk to critical infrastructure and are directly relevant to defenders of operational technology.
Severity
The CVSS score of 6.1 corresponds to medium severity. The vulnerabilities can be triggered remotely, but exploitation depends on specific conditions (for example, a user interacting with crafted content), and the impact described is session takeover or code execution within a user's browser session rather than a direct, unauthenticated compromise. The vulnerability classes identified are predictable number generation (the class of weakness that makes session identifiers or tokens guessable), cross-site scripting, and improper handling of formula characters in CSV output (CSV or formula injection, where a cell beginning with a character such as = is evaluated as a formula when the file is opened in a spreadsheet).
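The CSV formula-handling class named above is easy to get wrong and easy to check for. The following is an added example written for this page, not code from ABB, B&R or Automation Runtime, and it assumes a generic scenario: an application exports user-controlled strings (alarm text, comments) to CSV, and an engineer later opens that file in spreadsheet software. It shows a neutralizer that makes such cells safe, an audit function that flags suspicious cells in existing exports, and the sample rows are constructed for the example.

```python
"""CSV/formula injection: neutralize and audit exported cells.

Added example, not vendor code. Assumed scenario: untrusted strings are
written to CSV and later opened in a spreadsheet, which evaluates cells
starting with =, +, -, @ (and some control characters) as formulas.
"""
import csv
import io
import re

# Leading characters that common spreadsheet applications treat as the start
# of a formula. A leading tab or carriage return can also be used to smuggle
# a trigger character past a naive first-character check.
FORMULA_TRIGGERS = ("=", "+", "-", "@")
CONTROL_PREFIX = "\t\r"

# Plain signed numbers (e.g. "-12.5") start with a trigger but are data, not
# formulas, so they are left untouched. This is a deliberate trade-off: a
# phone number such as "+1 555 0100" will still be flagged and neutralized.
NUMBER = re.compile(r"[+-]?\d+(\.\d+)?")


def is_formula_injection(cell: str) -> bool:
    """Return True if a spreadsheet would parse this cell as a formula."""
    cleaned = cell.lstrip(CONTROL_PREFIX)
    return cleaned.startswith(FORMULA_TRIGGERS) and not NUMBER.fullmatch(cleaned)


def neutralize_cell(cell: str) -> str:
    """Make a cell safe for spreadsheet import.

    Leading tab/CR characters are removed and a single quote is prefixed to
    any remaining formula-looking value, which forces the spreadsheet to
    store it as literal text. Non-suspicious cells pass through unchanged.
    """
    cleaned = cell.lstrip(CONTROL_PREFIX)
    if cleaned.startswith(FORMULA_TRIGGERS) and not NUMBER.fullmatch(cleaned):
        return "'" + cleaned
    return cleaned


def export_rows(rows) -> str:
    """Serialize rows to CSV with every cell neutralized and quoted."""
    buf = io.StringIO()
    writer = csv.writer(buf, quoting=csv.QUOTE_ALL, lineterminator="\n")
    for row in rows:
        writer.writerow([neutralize_cell(str(cell)) for cell in row])
    return buf.getvalue()


def audit_rows(rows):
    """Return (row_index, col_index, cell) for every cell that looks like a formula.

    Useful for defenders checking existing exports from an unpatched system.
    """
    findings = []
    for r, row in enumerate(rows):
        for c, cell in enumerate(row):
            if is_formula_injection(str(cell)):
                findings.append((r, c, str(cell)))
    return findings


# Constructed sample: an operator comment carrying a classic DDE-style
# payload, alongside a legitimate negative reading that must survive intact.
SAMPLE_ROWS = [
    ["tag", "comment"],
    ["Pump 3", "=cmd|' /C calc'!A0"],
    ["Valve 7", "-12.5"],
]

if __name__ == "__main__":
    print("Flagged cells:", audit_rows(SAMPLE_ROWS))
    print(export_rows(SAMPLE_ROWS))
```

Neutralizing on export is the fix the application should own; the audit function is the compensating check for files produced before the fix is in place.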
Defender Context
Defenders should be aware that these vulnerabilities affect operational technology (OT) systems, particularly in the energy sector. Updating ABB B&R Automation Runtime to version 6.4 or later should be prioritized; where the update cannot be applied immediately, restrict which networks and users can reach the affected browser-facing interface, and treat CSV files exported from the system as untrusted input when they are opened in spreadsheet software. The case is a reminder that web-application weaknesses such as cross-site scripting and predictable token generation carry real consequences when they sit in front of industrial control systems.