Full Report
[Control systems] B&R security advisory (AV26-056)
Analysis Summary
This summary is based only on the context provided in the article description, which points to advisory AV26-056 for B&R ICS products. That context lists only the advisory number, date, and affected products; it does not detail CVEs, specific technical flaws, exploitation status, or detailed remediation steps, so the fields lacking specific information reflect that limitation.
# Vulnerability: B&R ICS Components Vulnerabilities (AV26-056)
## CVE Details
- CVE ID: Not explicitly detailed in the summary context provided (Associated with advisories SA25P005 and SA25P004)
- CVSS Score: Not explicitly detailed in the summary context provided
- CWE: Not explicitly available in the summary context provided
## Affected Systems
- Products: Automation Runtime 6, Automation Runtime 4, Automation Studio
- Versions:
  - Automation Runtime 6: Versions prior to 6.5
  - Automation Runtime 4: Versions prior to R4.93
  - Automation Studio: Versions prior to 6.5
- Configurations: Not specified in the context provided, but likely related to specific operational modes or network exposure if exploiting SA25P005 (Flooding) or SA25P004 (Certificate Validation).
## Vulnerability Description
The advisory AV26-056 encompasses multiple vulnerabilities addressed by B&R, specifically detailing issues labeled SA25P005 and SA25P004:
1. **SA25P005:** Improper Handling of Flooding conditions on the ANSL Server.
2. **SA25P004:** Automation Studio Insufficient Server Certificate Validation.
## Exploitation
- Status: **Unknown** (No information provided in the context regarding exploitation status or PoC availability)
- Complexity: **Unknown**
- Attack Vector: Likely Network or Adjacent, depending on the specific vulnerability (e.g., Certificate validation likely requires network interaction).
## Impact
- Confidentiality: **Unknown**
- Integrity: **Unknown**
- Availability: **Unknown** (SA25P005 suggests potential Denial of Service if flooding is successful)
## Remediation
### Patches
Patches are indicated as being released by B&R on January 19, 2026, corresponding to the fixed versions:
- Automation Runtime 6: Version 6.5 and later
- Automation Runtime 4: Version R4.93 and later
- Automation Studio: Version 6.5 and later
### Workarounds
- No specific workarounds are detailed in the summary context provided. Users are encouraged to review the vendor advisories for mitigations.
## Detection
- No specific Indicators of Compromise (IOCs) or detection methods were provided in this summary context. Mitigation involves applying the vendor-specific updates.
## References
- Vendor Advisory SA25P005: hxxps://www[.]br-automation[.]com/fileadmin/SA25P005-26597bd0[.]pdf
- Vendor Advisory SA25P004: hxxps://www[.]br-automation[.]com/fileadmin/SA25P004-4f45197f[.]pdf
- General B&R Advisories: hxxps://www[.]br-automation[.]com/en/service/cyber-security/cyber-security-advisories-and-notices/