VYPR

System Diagnostics Manager (SDM)

by B&R Industrial Automation

CVEs (4)

  • CVE-2025-11498MedOct 14, 2025
    risk 0.40cvss 6.1epss 0.00

    An Improper Neutralization of Formula Elements in a CSV File vulnerability exists in System Diagnostics Manager (SDM) of B&R Automation Runtime versions before 6.4 enabling a remote attacker to inject formula data into a generated CSV file. The exploitation of this vulnerability…

  • CVE-2025-3448MedOct 7, 2025
    risk 0.40cvss 6.1epss 0.00

    Reflected cross-site scripting (XSS) vulnerabilities exist in System Diagnostics Manager (SDM) of B&R Automation Runtime versions before 6.4 that enables a remote attacker to execute arbitrary JavaScript code in the context of the attacked user’s browser session

  • CVE-2023-6028MedFeb 5, 2024
    risk 0.40cvss 6.1epss 0.00

    A reflected cross-site scripting (XSS) vulnerability exists in the SVG version of System Diagnostics Manager of B&R Automation Runtime versions <= G4.93 that enables a remote attacker to execute arbitrary JavaScript code in the context of the attacked user’s browser session. …

  • CVE-2022-4286MedFeb 14, 2023
    risk 0.40cvss 6.1epss 0.01

    A reflected cross-site scripting (XSS) vulnerability exists in System Diagnostics Manager of B&R Automation Runtime versions >=3.00 and <=C4.93 that enables a remote attacker to execute arbitrary JavaScript in the context of the users browser session.