B&R Automation Studio Update of SQLite version

Act Now | CVSS 9.8 | SA25P007 | Feb 18, 2026
Vendor: ABB / B&R Automation
Attack path
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

ABB identified vulnerabilities in outdated third-party SQLite components embedded in B&R Automation Studio versions prior to 6.5. Although no active exploitation has been observed, these vulnerabilities could enable unauthorized access, data exposure, or remote code execution on systems running the affected versions.

What this means
What could happen
An attacker with network access to B&R Automation Studio could execute arbitrary code or access sensitive data through vulnerabilities in an outdated SQLite library component. This could allow an attacker to compromise engineering workstations and potentially alter or inject malicious logic into industrial control systems being configured.
Who's at risk
Engineering and automation teams at utilities and manufacturers who use B&R Automation Studio for programming and configuring B&R PLCs and automation controllers. This affects anyone managing industrial control system configurations through this engineering software, including water utilities, power distribution systems, and manufacturing facilities using B&R equipment.
How it could be exploited
An attacker could target a B&R Automation Studio workstation over the network by sending specially crafted requests that exploit the outdated SQLite component embedded in the application. If successful, the attacker could run code with the privileges of the engineering workstation, potentially modifying PLC/automation programs before they are deployed to live equipment.
Prerequisites
  • Network access to the B&R Automation Studio machine (typically on the engineering network or reachable via VPN)
  • The affected version of B&R Automation Studio (<6.5) must be running
  • Remotely exploitable
  • No authentication required
  • Low complexity attack
  • High EPSS score (51.9%)
  • Could enable unauthorized access or data exposure
  • Could enable remote code execution on engineering workstations
Exploitability
Likely to be exploited — EPSS score 51.9%
Public Proof-of-Concept (PoC) on GitHub (2 repositories)
Affected products (1)
Product                  Affected Versions   Fix Status
B&R Automation Studio    <6.5                Fixed in 6.5
Remediation & Mitigation
Do now
HARDENING: Restrict network access to B&R Automation Studio workstations to only authorized engineering staff and jump servers
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update B&R Automation Studio to version 6.5 or later
Long-term hardening
HARDENING: Isolate the engineering network segment from the general IT network to limit lateral movement if a workstation is compromised
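The following inventory triage script is an added example, not part of the advisory or any ABB/B&R tooling. It applies the advisory's version threshold (anything below 6.5 is affected) and its remediation priorities to a constructed list of workstations; the hostnames, the `reachable_from` field and the inventory schema are assumptions made for the example.

```python
from __future__ import annotations
import re

# From the advisory: B&R Automation Studio releases before 6.5 ship the
# outdated SQLite component; 6.5 is the fix release.
FIXED_VERSION = (6, 5)

def parse_version(text: str) -> tuple[int, ...]:
    """Convert '6.4.2', 'V6.10' or '6.5' into a tuple of integers.

    Comparing numerically matters: as strings '6.10' < '6.5', which would
    wrongly flag a patched 6.10 install as affected."""
    parts = re.findall(r"\d+", text)
    if not parts:
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(p) for p in parts)

def is_affected(version: str) -> bool:
    """True when the installed Automation Studio version is below 6.5."""
    return parse_version(version) < FIXED_VERSION

def triage(inventory: list[dict]) -> list[dict]:
    """Map each affected workstation to the advisory's remediation actions.

    Inventory rows are assumed to carry 'host', 'version' and 'reachable_from'
    (network zones that can reach the workstation); that schema is an
    assumption of this example, not something the advisory defines."""
    findings = []
    for row in inventory:
        if not is_affected(row["version"]):
            continue
        actions = ["HOTFIX: update Automation Studio to 6.5 or later"]
        # The flaw needs only network access and no authentication, so a
        # workstation reachable from outside the engineering segment gets
        # the advisory's 'Do now' hardening ahead of the patch window.
        if set(row["reachable_from"]) - {"engineering"}:
            actions.insert(0, "HARDENING: restrict access to engineering staff and jump servers")
        findings.append({"host": row["host"], "version": row["version"], "actions": actions})
    return findings

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = [
    {"host": "ENG-WS-01", "version": "6.4.2", "reachable_from": ["engineering", "corporate"]},
    {"host": "ENG-WS-02", "version": "V6.10", "reachable_from": ["engineering"]},
    {"host": "ENG-WS-03", "version": "6.5", "reachable_from": ["engineering"]},
    {"host": "ENG-WS-04", "version": "4.12", "reachable_from": ["engineering"]},
]

if __name__ == "__main__":
    for f in triage(SAMPLE_INVENTORY):
        print(f["host"], f["version"], "->", "; ".join(f["actions"]))
```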