CVE-2021-22280

HIGH EPSS 6.2%
Published May 14, 20242y ago · Modified Jun 17, 20261w ago
7.2 CVSS 3.1
High
Find Similar
Published May 14, 2024 2y ago
Last Modified Jun 17, 2026 1w ago

Description

Improper DLL loading algorithms in B&R Automation Studio versions >=4.0 and <4.12 may allow an authenticated local attacker to execute code in the context of the product.

CVSS Details

Base Score
7.2
Exploitability
0.6
Impact
6.0
Vector string
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
Attack Vector Local
Attack Complexity High
Privileges Required High
User Interaction Required
Scope Changed
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
6.2% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 2

CWE-20 Improper Input Validation Validation
CWE-427

Affected Products 1

VendorProductVersionRange
br-automationautomation_studio*≥4.0  –  <4.12

References 1

  • br-automation.com https://www.br-automation.com/fileadmin/2021-10_DLL_Hijacking_Vulnerability_in_Automation_Studio-7dd34511.pdf
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.