SecuriTricks - CVE-2024-5800

Product(s) Impacted

B&R Automation Runtime

before 6.0.2

Description

Diffie-Hellman groups with insufficient strength are used in the SSL/TLS stack of B&R Automation Runtime versions before 6.0.2, allowing a network attacker to decrypt the SSL/TLS communication.

Weaknesses

CWE-326

Inadequate Encryption Strength

The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

CWE ID: 326

Date

Published: Aug. 12, 2024, 1:38 p.m.

Last Modified: Aug. 12, 2024, 1:41 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

cybersecurity@ch.abb.com

CVE-2024-5800

Tags

Product(s) Impacted

Description

Weaknesses

CWE-326

Inadequate Encryption Strength

Date

Status : Awaiting Analysis

Source

References

CVE-2024-5800

Tags

Product(s) Impacted

Description

Weaknesses

CWE-326

Inadequate Encryption Strength

Date

Status : Awaiting Analysis

Source

References

Share