You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
b&r automation runtime
About this tag
The b&r automation runtime tag covers security advisories and vulnerabilities affecting B&R Automation Runtime, particularly in the System Diagnostics Manager (SDM). Recent content highlights a CISA-republished ABB advisory for medium-severity flaws in versions before 6.4, including XSS and CSV injection. These issues could enable session takeover, script execution, or malicious formula injection, but exploitation requires network access or user interaction. The tag is relevant for industrial control system (ICS) security professionals, OT administrators, and IT teams managing B&R automation environments. Discussions emphasize that medium-severity vulnerabilities in operational technology contexts should not be underestimated due to the diagnostic and familiar attack surface.
CISA on May 21, 2026 republished ABB’s advisory for three medium-severity flaws in B&R Automation Runtime’s System Diagnostics Manager, affecting Automation Runtime versions before 6.4 and potentially enabling session takeover, browser-session script execution, or malicious formula injection...