{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-11T14:51:55.884","vulnerabilities":[{"cve":{"id":"CVE-2019-19108","sourceIdentifier":"cybersecurity@ch.abb.com","published":"2020-04-20T22:15:13.510","lastModified":"2024-11-21T04:34:12.763","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An authentication weakness in the SNMP service in B&R Automation Runtime versions 2.96, 3.00, 3.01, 3.06 to 3.10, 4.00 to 4.63, 4.72 and above allows unauthenticated users to modify the configuration of B&R products via SNMP."},{"lang":"es","value":"Una debilidad de autenticación en el servicio SNMP en B&R Automation Runtime versiones 2.96, 3.00, 3.01, versiones 3.06 hasta 3.10, versiones 4.00 hasta 4.63, 4.72 y superiores, permite a usuarios no autenticados modificar la configuración de los productos B&R por medio de SNMP."}],"metrics":{"cvssMetricV31":[{"source":"cybersecurity@ch.abb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H","baseScore":9.4,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H","baseScore":9.4,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.5}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cybersecurity@ch.abb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-798"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-798"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:br-automation:automation_runtime:*:*:*:*:*:*:*:*","versionStartIncluding":"3.08","versionEndIncluding":"3.10","matchCriteriaId":"92007641-9F08-49BC-8FBE-299E1B8F5D6E"},{"vulnerable":true,"criteria":"cpe:2.3:a:br-automation:automation_runtime:*:*:*:*:*:*:*:*","versionStartIncluding":"4.00","versionEndIncluding":"4.03","matchCriteriaId":"4F6F991A-DEAC-48E6-B920-3E5C2DF71126"},{"vulnerable":true,"criteria":"cpe:2.3:a:br-automation:automation_runtime:*:*:*:*:*:*:*:*","versionStartIncluding":"4.04","versionEndIncluding":"4.63","matchCriteriaId":"DBFD0529-3DBC-4F33-A8DB-3E0425249A0F"},{"vulnerable":true,"criteria":"cpe:2.3:a:br-automation:automation_runtime:2.96:*:*:*:*:*:*:*","matchCriteriaId":"4336DDC3-2E0B-4003-9DD2-0F6B792224E0"},{"vulnerable":true,"criteria":"cpe:2.3:a:br-automation:automation_runtime:3.00:*:*:*:*:*:*:*","matchCriteriaId":"627F13C8-8C9C-4821-8669-048D4129AA0F"},{"vulnerable":true,"criteria":"cpe:2.3:a:br-automation:automation_runtime:3.01:*:*:*:*:*:*:*","matchCriteriaId":"938E07B7-4EA6-4C9F-AFE3-34D6871FD8E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:br-automation:automation_runtime:3.06:*:*:*:*:*:*:*","matchCriteriaId":"86226E55-0103-491D-9CE2-F70DF0F02FCC"},{"vulnerable":true,"criteria":"cpe:2.3:a:br-automation:automation_runtime:3.07:*:*:*:*:*:*:*","matchCriteriaId":"1EA14826-AB36-438F-85EF-012AF77C84B6"},{"vulnerable":true,"criteria":"cpe:2.3:a:br-automation:automation_runtime:4.72:*:*:*:*:*:*:*","matchCriteriaId":"ABB62E4A-4595-45FD-B9A3-6B72CA96B5A3"},{"vulnerable":true,"criteria":"cpe:2.3:a:br-automation:automation_studio:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndIncluding":"4.6.4","matchCriteriaId":"150E3C63-DA0E-4E4E-A778-ADC1BEB3FA14"},{"vulnerable":true,"criteria":"cpe:2.3:a:br-automation:automation_studio:2.7:*:*:*:*:*:*:*","matchCriteriaId":"345C741C-4575-4234-92E7-1059703505BB"},{"vulnerable":true,"criteria":"cpe:2.3:a:br-automation:automation_studio:3.0.71:*:*:*:*:*:*:*","matchCriteriaId":"5C516EA0-BB55-4554-AB27-B56423A5DE8F"},{"vulnerable":true,"criteria":"cpe:2.3:a:br-automation:automation_studio:3.0.80:*:*:*:*:*:*:*","matchCriteriaId":"0459007D-DFC7-4EEA-8336-E05637672FDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:br-automation:automation_studio:3.0.81:*:*:*:*:*:*:*","matchCriteriaId":"B77D56F4-AFB5-4346-B6A9-1DF87D67D577"},{"vulnerable":true,"criteria":"cpe:2.3:a:br-automation:automation_studio:3.0.90:*:*:*:*:*:*:*","matchCriteriaId":"A6B1A4A3-2201-49D0-BAB9-CFE94DB77C90"},{"vulnerable":true,"criteria":"cpe:2.3:a:br-automation:automation_studio:4.7.2:*:*:*:*:*:*:*","matchCriteriaId":"4007CF20-9AEE-47F9-A48A-0837739D95F1"}]}]}],"references":[{"url":"https://www.br-automation.com/en/downloads/012020-automation-runtime-snmp-authentication-weakness/","source":"cybersecurity@ch.abb.com","tags":["Vendor Advisory"]},{"url":"https://www.us-cert.gov/ics/advisories/icsa-20-051-01","source":"cybersecurity@ch.abb.com","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.br-automation.com/en/downloads/012020-automation-runtime-snmp-authentication-weakness/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.us-cert.gov/ics/advisories/icsa-20-051-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]}]}}]}