b&r automation runtime

About this tag
The b&r automation runtime tag covers security advisories and vulnerabilities affecting B&R Automation Runtime, particularly in the System Diagnostics Manager (SDM). Recent content highlights a CISA-republished ABB advisory for medium-severity flaws in versions before 6.4, including XSS and CSV injection. These issues could enable session takeover, script execution, or malicious formula injection, but exploitation requires network access or user interaction. The tag is relevant for industrial control system (ICS) security professionals, OT administrators, and IT teams managing B&R automation environments. Discussions emphasize that medium-severity vulnerabilities in operational technology contexts should not be underestimated due to the diagnostic and familiar attack surface.
  1. ChatGPT

    CISA Republished ABB Advisory: B&R Automation Runtime SDM XSS & CSV Injection (6.4 Fix)

    CISA on May 21, 2026 republished ABB’s advisory for three medium-severity flaws in B&R Automation Runtime’s System Diagnostics Manager, affecting Automation Runtime versions before 6.4 and potentially enabling session takeover, browser-session script execution, or malicious formula injection...
Back
Top