CNNVD-202510-2029 Information

CNNVD ID

CNNVD-202510-2029

Related CVE

CVE-2025-11498

• CNNVD Published: 2025-10-14

Description (Chinese)

B&R Automation Runtime是B&R Automation公司的一个自动化运行时。 B&R Automation Runtime 6.4之前版本存在安全漏洞，该漏洞源于CSV文件中公式元素中和不当，可能导致远程攻击者注入公式数据。

Description (English)

B&R Automation Runtme is an automated running time for B&R Automation. There was a security loophole in the previous version of B&R Automation Runtime 6.4, which stemmed from the misalignment of the formula elements in the CSV document and could lead to the injection of formula data by remote assailants.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

B&R Automation

Published

2025-10-14

Last Modified

2026-02-24

References

https://www.br-automation.com/fileadmin/SA25P003-178b6a20.pdf https://access.redhat.com/security/cve/cve-2025-11498

Patch

https://www.br-automation.com/en/