ABB B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM)
Summary
ABB B&R Automation Runtime has a Denial of Service (DoS) vulnerability in its System Diagnostics Manager (SDM) component. Exploiting this flaw could allow an unauthenticated attacker to delete data, leading to service disruption. Updates are available to address this issue.
IFF Assessment
This vulnerability lets an attacker disrupt services, which harms defenders and users of the affected systems.
Severity
The article explicitly states a CVSS v3.1 score of 10.0, indicating a critical severity vulnerability. This score is justified by the potential for unauthenticated network-based attackers to cause denial of service conditions, representing a high impact on availability.
Defender Context
This critical DoS vulnerability in ABB B&R Automation Runtime's SDM component poses a significant risk to industrial control systems, particularly in sectors like chemical, manufacturing, and energy. Defenders must prioritize patching or applying vendor-recommended mitigations to prevent potential service disruptions and data loss. Monitoring for unusual network activity targeting the SDM component should also be a key defensive measure.