B&R PPT30 Operating System

Plan PatchCVSS 7.5ICS-CERT ICSA-26-155-03May 26, 2026

Manufacturing

Attack path

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

A vulnerability in B&R PPT30 Operating System versions before 1.8.0 allows an attacker to render the OPC-UA server inaccessible, causing a denial of service. The OPC-UA server is not enabled by default. The vulnerability is corrected in version 1.8.0.

What this means

What could happen

An attacker can crash or make the OPC-UA server unavailable on affected PPT30 devices, disrupting remote monitoring and data access for manufacturing process control systems.

Who's at risk

Manufacturing facilities using B&R PPT30 Operating System versions before 1.8.0 are affected, particularly those with the OPC-UA server enabled for remote monitoring and integration with plant-wide data collection systems.

How it could be exploited

An attacker with network access to the OPC-UA server port can send a malformed request that causes a denial of service, rendering the server inaccessible to legitimate clients. This requires no credentials or authentication.

Prerequisites

Network access to the OPC-UA server port on the PPT30 device
OPC-UA server must be enabled (disabled by default)

remotely exploitableno authentication requiredlow complexityaffects industrial process controldefault configuration is safe

Exploitability

Unlikely to be exploited — EPSS score 0.3%

Affected products (1)

ProductAffected VersionsFix Status

PPT30 Operating System <1.8.0<1.8.01.8.0

Remediation & Mitigation

0/5

Do now

0/3

HARDENINGKeep OPC-UA server disabled unless required for operations

HARDENINGConfigure South Firewall and/or Control Network Firewall to restrict OPC-UA server access to trusted IP addresses only

HARDENINGRestrict physical access to network interfaces on PPT30 devices to authorized personnel only

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate PPT30 Operating System to version 1.8.0 or later

Long-term hardening

0/1

HARDENINGSegment the network where PPT30 operates to isolate it from untrusted networks

CVEs (1)

CVE-2025-11482

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/cd56419b-6d41-45f7-be0b-19694ce915a0

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.