ABB, a Swiss-Swedish multinational corporation, has released an advisory to address vulnerabilities in the B&R VC4 visualization, which has multiple versions. The advisory highlights the need for users and administrators to review the provided web links, perform the suggested mitigations, and apply the necessary updates.
If not addressed, an unauthenticated network-based attacker could bypass the authentication mechanism of the VC4 visualization and potentially execute code on the affected device.
The vulnerabilities could be exploited to read stack memory or execute code on an affected device. The advisory does not provide details on how the vulnerabilities could be exploited, but it warns that successful exploitation could result in an attacker gaining access to sensitive information or executing arbitrary code on the affected system.
The Cyber Centre encourages users and administrators to apply the necessary updates as soon as possible to mitigate the risk of exploitation.
Administrators are advised to review their system configurations to ensure that they are using secure settings and have enabled the necessary security features.
This advisory serves as a reminder of the importance of regularly patching and updating software and systems to maintain their security posture and protect against potential attacks.
