Unrated severityNVD Advisory· Published Feb 2, 2024· Updated Jun 17, 2025
RCE in B&R Automation Studio with crafted project files
CVE-2021-22282
Description
Improper Control of Generation of Code ('Code Injection') vulnerability in B&R Industrial Automation Automation Studio allows Local Execution of Code.This issue affects Automation Studio: from 4.0 through 4.12.
Affected products
2>=4.0, <=4.12+ 1 more
- (no CPE)range: >=4.0, <=4.12
- (no CPE)range: 4.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.