QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2024-8314

Back to search

CVE-2024-8314

Published: Mar 25, 2025

Modified: Mar 25, 2025

PUBLISHED

Description

An Incorrect Implementation of Authentication Algorithm and Exposure of Data Element to Wrong Ses-sion vulnerability in the session handling used in B&R APROL <4.4-00P5 may allow an authenticated network attacker to take over a currently active user session without login credentials.

VendorProductVersions

B&R Industrial Automation GmbH

APROL

affected
4.4 - < 4.4-00P5

Weaknesses (CWE)

CWE-303
CWE-488

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now