B&R APROL Potential Privilege Escalation and Information Disclosure

Plan Patch8.8sa24p015Mar 24, 2025

Attack VectorAdjacent

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

Multiple privately reported vulnerabilities exist in B&R APROL versions prior to 4.4-00P1 that could allow an attacker to escalate privileges or disclose sensitive information including credentials and configuration data. The vulnerabilities relate to improper credential handling, insufficient access controls, insufficient information protection, and request validation issues. Successful exploitation could enable an attacker to modify system configuration, alter process behavior, or establish unauthorized access to the automation system.

What this means

What could happen

An attacker with network access to an APROL system could gain higher-level privileges on the device or extract sensitive information including credentials, potentially allowing them to modify process parameters, stop operations, or persist access to your automation network.

Who's at risk

Organizations running B&R APROL versions prior to 4.4-00P1 should prioritize this update. APROL is commonly used in manufacturing automation, process control systems, and industrial facilities. Any facility using APROL for critical process monitoring or control is affected.

How it could be exploited

An attacker on your network segment where APROL is deployed could send crafted network requests or interact with exposed services to escalate privileges or retrieve stored credentials and configuration data. The attack requires only network access to the APROL device; no authentication is required.

Prerequisites

Network access to APROL device on the same network segment or accessible from attacker's position
No valid credentials required for initial exploitation

remotely exploitableno authentication requiredlow complexity attackinformation disclosure (credential exposure)privilege escalation capabilityaffects process automation systems

Exploitability

Low exploit probability (EPSS 0.4%)

Affected products (3)

3 with fix

ProductAffected VersionsFix Status

APROL < 4.4-00P1<4.4-00P14.4-00P1

APROL < 4.4-00P5<4.4-00P54.4-00P1

APROL < 4.4-01<4.4-014.4-00P1

Remediation & Mitigation

0/3

Do now

0/2

HARDENINGAfter applying the update, change all stored secrets and passwords in APROL to prevent use of credentials that may have been exposed

HARDENINGVerify the installed APROL version using the procedure in the user manual to confirm the patch was applied correctly

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate APROL to version 4.4-00P1 or later using the patch or full upgrade process described in the user manual

CVEs (13)

CVE-2024-45482 CVE-2024-45481 CVE-2024-45480 CVE-2024-8315 CVE-2024-45484 CVE-2024-45483 CVE-2024-8313 CVE-2024-8314 CVE-2024-10206 CVE-2024-10207 CVE-2024-10208 CVE-2024-10210 CVE-2024-10209

View full ABB PSIRT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/a0533d8f-cf78-45c2-9b02-2f2f2de7ba83