Untrusted Search Path Vulnerability in B&R Industrial Automation APROL
CVE-2026-6901

8.4HIGH

Key Information:

Status
Vendor
CVE Published:
6 July 2026

What is CVE-2026-6901?

An untrusted search path vulnerability exists in B&R Industrial Automation's APROL software, which can allow an attacker to potentially execute malicious code or applications by manipulating the search path. This issue affects versions of APROL prior to R 4.4-01P5, posing a significant risk for users who may inadvertently run untrusted components. It emphasizes the importance of ensuring that software applications are updated and configured securely to mitigate potential exploitation.

Affected Version(s)

APROL 0

References

CVSS V4

Score:
8.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.