ICSA-26-125-03  ·  Published 2026-05-05

ABB B&R Automation Runtime

CVSS 6.8 MEDIUM

Risk Summary

ABB became aware of a vulnerability in the product versions listed as affected in the advisory. An update is available that resolves the vulnerability. An attacker who successfully exploited this vulnerability could cause the product to stop.

CVEs (1)

Remediations

  • The problem is corrected in the following product versions:
      - Automation Runtime 6 versions >= 6.5
      - Automation Runtime 4 versions >= R4.93
    B&R recommends that customers apply the update at their earliest convenience. The process to install updates is described in the user manual. The step to identify the installed product version is described in the user manual.
  • The vulnerability cannot be exploited on all devices or across all customer applications. Extensive investigations by B&R have determined that shorter cycle times in customer projects increase the likelihood of potential exploitation. For customers unable to transition to a patched version, adjusting their application configuration to longer cycle times may therefore be considered as a mitigating measure.
    B&R Automation Runtime is designed to be operated on Level 1 of the ABB ICS Cyber Security Reference Architecture. Exploitation of the vulnerability from outside Level 1 would require an attacker to bypass the Control Network Firewall. Limiting the maximum data traffic and the maximum number of concurrent connections to the ANSL server of Automation Runtime on the Control Network Firewall shall be considered to mitigate this vulnerability.
    B&R further recommends, in alignment with its Defense in Depth for B&R Products guidelines, that customers:
      - Test the maximum load capacity of their application under Automation Runtime before commissioning.
      - Restrict the permitted data traffic to the device via the Control Network Firewall to no more than 80% of the measured peak traffic value.
    Refer to section “General security recommendations” for further advice on how to keep your system secure.

Affected Vendors

ABB

Affected Products (4)

ABB · Automation Runtime <6.5
ABB · Automation Runtime >=6.5
ABB · Automation Runtime <R4.93
ABB · Automation Runtime >=R4.93

Affected Sectors

Critical Manufacturing
