Summary
ABB became aware of vulnerability in the product versions listed as affected in the advisory. An update is available that replaces an outdated third-party component. Although no successful exploitation was observed during testing of the affected B&R products, the identified vulnerabilities could present potential attack vectors that might enable unauthorized access, data exposure, or remote code execution.
The following versions of ABB B&R Automation Studio are affected:
- B&R Automation Studio <6.5, 6.5 (CVE-2025-6965, CVE-2025-3277, CVE-2023-7104, CVE-2022-35737, CVE-2020-15358, CVE-2020-13632, CVE-2020-13631, CVE-2020-13630, CVE-2020-13435, CVE-2020-13434, CVE-2020-11656, CVE-2020-11655, CVE-2019-19646, CVE-2019-19645, CVE-2019-8457, CVE-2018-20506, CVE-2018-20505, CVE-2018-20346, CVE-2018-8740, CVE-2017-10989, CVE-2016-6153, CVE-2015-6607, CVE-2015-5895, CVE-2015-3717, CVE-2015-3416)
| CVSS | Vendor | Equipment | Vulnerabilities |
|---|---|---|---|
| v3 9.8 | ABB | ABB B&R Automation Studio | Numeric Truncation Error, Heap-based Buffer Overflow, Improper Restriction of Operations within the Bounds of a Memory Buffer, Out-of-bounds Write, NULL Pointer Dereference, Incorrect User Management, Use After Free, Integer Overflow or Wraparound, Improper Check for Unusual or Exceptional Conditions, Uncontrolled Recursion, Out-of-bounds Read, Improper Input Validation, Exposure of Sensitive Information to an Unauthorized Actor, Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) |
Background
- Critical Infrastructure Sectors: Energy
- Countries/Areas Deployed: Worldwide
- Company Headquarters Location: Switzerland
Vulnerabilities
CVE-2025-6965
There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue.
Affected Products
ABB B&R Automation Studio
ABB
ABB B&R Automation Studio <6.5
fixed, known_affected
Remediations
Vendor fix
The problem is corrected in the following product versions: B&R Automation Studio 6.5 B&R recommends that customers apply the update at earliest convenience. The process to install updates is described in the user manual. The step to identify the installed product version is described in the user manual.
Mitigation
Refer to section “General security recommendations” for advice on how to keep your system secure.
Relevant CWE: CWE-197 Numeric Truncation Error
Metrics
| CVSS Version | Base Score | Base Severity | Vector String |
|---|---|---|---|
| 3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
CVE-2025-3277
An integer overflow vulnerability exists in SQLite’s concat_ws() function that can lead to a massive heap buffer overflow. When triggered, the integer overflow results in a truncated size value being used for buffer allocation, while the original untruncated size is used for writing the resulting string, causing a heap buffer overflow of approximately 4GB.
Affected Products
ABB B&R Automation Studio
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: