B&R Industrial Automation Studio is a comprehensive software tool for developing, testing, and servicing time-critical applications in the field of machine and system manufacturing. It provides a unified platform for programming (IEC 61131-3 and C), visualization, motion control, and safety technology. Automation Studio also supports diagnostics, reporting, and version management to enable efficient and seamless industrial process automation.

B&R Industrial Automation Studio

Improper Control of Generation of Code ('Code Injection') vulnerability in B&R Industrial Automation Automation Studio allows Local Execution of Code.This issue affects Automation Studio: from 4.0 through 4.12.



CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2024-0220	HIGH	8.1	B&R Industrial Automation Studio	cpe:2.3:a:br-automation:automation_studio	No	Yes	Feb 22, 2024
CVE-2020-24682	HIGH	7.8	B&R Industrial Automation Studio	cpe:2.3:a:br-automation:automation_studio	No	Yes	Feb 02, 2024
CVE-2021-22282	HIGH	7.8	B&R Industrial Automation Studio	cpe:2.3:a:br-automation:automation_studio	No	Yes	Feb 02, 2024
CVE-2021-22281	HIGH	7.5	B&R Industrial Automation Studio	cpe:2.3:a:br-automation:automation_studio	No	Yes	Feb 02, 2024
CVE-2021-22280	HIGH	7.2	B&R Industrial Automation Studio	cpe:2.3:a:br-automation:automation_studio	No	Yes	May 14, 2024

CVE-2021-22282:
B&R Industrial Automation Studio vulnerability analysis and mitigation

7.8

Related B&R Industrial Automation Studio vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2021-22282: B&R Industrial Automation Studio vulnerability analysis and mitigation