CVE-2024-5801

Aug. 12, 2024, 1:41 p.m.

Tags

CWE-1188
cybersecurity@ch.abb.com
2024-08-12
CVE-2024-5801

Product(s) Impacted

B&R Automation Runtime

  • before 6.0.2

Description

Enabled IP Forwarding feature in B&R Automation Runtime versions before 6.0.2 may allow remote attack-ers to compromise network security by routing IP-based packets through the host, potentially by-passing firewall, router, or NAC filtering.

Weaknesses

CWE-1188
Initialization of a Resource with an Insecure Default

The product initializes or sets a resource with a default that is intended to be changed by the administrator, but the default is not secure.

CWE ID: 1188

Date

Published: Aug. 12, 2024, 1:38 p.m.

Last Modified: Aug. 12, 2024, 1:41 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

cybersecurity@ch.abb.com

References

https://www.br-automation.com/fileadmin/SA24P011-d8aaf02f.pdf
cybersecurity@ch.abb.com