ABB B&R Automation Studio
ABB B&R Automation Studio has multiple vulnerabilities, update is available.
Summary
ABB has released an update to address multiple vulnerabilities in B&R Automation Studio versions prior to 6.5. The vulnerabilities could allow unauthorized access, data exposure, or remote code execution, though no exploitation has been observed.
Full text
ICS Advisory: ABB B&R Automation Studio
Release Date: May 21, 2026
Alert Code: ICSA-26-141-03

Summary
ABB became aware of vulnerabilities in the product versions listed as affected in this advisory. An update is available that replaces an outdated third-party component. Although no successful exploitation was observed during testing of the affected B&R products, the identified vulnerabilities could present potential attack vectors that might enable unauthorized access, data exposure, or remote code execution.

The following versions of ABB B&R Automation Studio are affected:
- B&R Automation Studio <6.5, 6.5 (CVE-2025-6965, CVE-2025-3277, CVE-2023-7104, CVE-2022-35737, CVE-2020-15358, CVE-2020-13632, CVE-2020-13631, CVE-2020-13630, CVE-2020-13435, CVE-2020-13434, CVE-2020-11656, CVE-2020-11655, CVE-2019-19646, CVE-2019-19645, CVE-2019-8457, CVE-2018-20506, CVE-2018-20505, CVE-2018-20346, CVE-2018-8740, CVE-2017-10989, CVE-2016-6153, CVE-2015-6607, CVE-2015-5895, CVE-2015-3717, CVE-2015-3416)

Overview
- CVSS v3: 9.8
- Vendor: ABB
- Equipment: ABB B&R Automation Studio
- Vulnerabilities: Numeric Truncation Error, Heap-based Buffer Overflow, Improper Restriction of Operations within the Bounds of a Memory Buffer, Out-of-bounds Write, NULL Pointer Dereference, Incorrect User Management, Use After Free, Integer Overflow or Wraparound, Improper Check for Unusual or Exceptional Conditions, Uncontrolled Recursion, Out-of-bounds Read, Improper Input Validation, Exposure of Sensitive Information to an Unauthorized Actor, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Background
- Critical Infrastructure Sectors: Energy
- Countries/Areas Deployed: Worldwide
- Company Headquarters Location: Switzerland

Affected Products and Remediations (identical for every CVE listed below)
- Vendor: ABB
- Product Version: ABB B&R Automation Studio <6.5
- Product Status: fixed, known_affected
- Vendor fix: The problem is corrected in the following product version: B&R Automation Studio 6.5. B&R recommends that customers apply the update at the earliest convenience. The process to install updates and the step to identify the installed product version are described in the user manual.
- Mitigation: Refer to section "General security recommendations" for advice on how to keep your system secure.

Vulnerabilities

CVE-2025-6965
There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue.
Relevant CWE: CWE-197 Numeric Truncation Error
Metrics: CVSS Version 3.1, Base Score 9.8 (CRITICAL), Vector String CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

CVE-2025-3277
An integer overflow vulnerability exists in SQLite's concat_ws() function that can lead to a massive heap buffer overflow. When triggered, the integer overflow results in a truncated size value being used for buffer allocation, while the original untruncated size is used for writing the resulting string, causing a heap buffer overflow of approximately 4GB.
Relevant CWE: CWE-122 Heap-based Buffer Overflow
Metrics: CVSS Version 3.1, Base Score 9.8 (CRITICAL), Vector String CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

CVE-2023-7104
A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow.
Relevant CWE: CWE-122 Heap-based Buffer Overflow
Metrics: CVSS Version 3.1, Base Score 7.3 (HIGH), Vector String CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

CVE-2022-35737
SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.
Relevant CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Metrics: CVSS Version 3.1, Base Score 7.5 (HIGH), Vector String CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C

CVE-2020-15358
In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.
Relevant CWE: CWE-787 Out-of-bounds Write
Metrics: CVSS Version 3.1, Base Score 5.5 (MEDIUM), Vector String CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C

CVE-2020-13632
There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue.
Relevant CWE: CWE-476 NULL Pointer Dereference
Metrics: CVSS Version 3.0, Base Score 5.5 (MEDIUM), Vector String CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C

CVE-2020-13631
SQLite before 3.32.0 allows a v