PatchSiren cyber security CVE debrief

CVE-2024-8315 B&R Industrial Automation CVE debrief

CVE-2024-8315 is a medium-severity credential exposure issue in B&R APROL versions before 4.4-00P5. According to the CISA CSAF advisory published on 2025-03-24, a flaw in scripts used by the product could allow an authenticated local attacker to read credential information. B&R recommends applying the patch or upgrading to a non-vulnerable version, and changing secrets/passwords after updating.

Vendor: B&R Industrial Automation
Product: B&R APROL
CVSS: MEDIUM 5.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-03-24
Original CVE updated: 2025-03-24
Advisory published: 2025-03-24
Advisory updated: 2025-03-24

Who should care

Organizations running B&R APROL, especially OT/industrial control environments, should review whether any installed systems are on versions earlier than 4.4-00P5. Administrators responsible for local access control, credential management, and patching should prioritize validation and remediation.

Technical summary

The advisory describes an Improper Handling of Insufficient Permissions or Privileges vulnerability in scripts used in B&R APROL < 4.4-00P5. The supplied CVSS vector indicates local attack conditions (AV:L), low privileges required (PR:L), no user interaction (UI:N), and a high confidentiality impact (C:H) with no integrity or availability impact listed. The stated impact is that an authenticated local attacker may be able to read credential information. The vendor remediation is to apply the patch or upgrade, then rotate secrets/passwords after updating.

Defensive priority

Medium. The issue requires local authentication and affects confidentiality rather than integrity or availability, but it exposes credentials and has an available vendor fix. Systems with shared admin access, weak local controls, or sensitive credentials stored in scope should be prioritized.

Recommended defensive actions

  • Identify all B&R APROL installations and confirm whether any are running a version earlier than 4.4-00P5.
  • Apply the vendor patch or upgrade to a non-vulnerable version at the earliest practical opportunity.
  • After remediation, change any secrets/passwords that may have been exposed, as recommended by B&R.
  • Review local access controls and administrative account hygiene on affected systems.
  • Use CISA and vendor industrial-control-system hardening and defense-in-depth guidance for follow-on risk reduction.

Evidence notes

This debrief is based on the CISA CSAF advisory ICSA-25-093-05 and the supplied CVE metadata. The advisory states: affected product is B&R APROL < 4.4-00P5; the vulnerability is an improper handling of insufficient permissions or privileges in scripts; an authenticated local attacker may read credential information; and B&R recommends patching/upgrading and changing secrets/passwords after update. The supplied CVSS vector is CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N, consistent with local, confidentiality-focused impact. The CVE was published and modified on 2025-03-24.

Official resources

Public advisory data for CVE-2024-8315 was published by CISA on 2025-03-24 as ICSA-25-093-05. The provided enrichment does not list the issue in CISA KEV.