Security Advisory – Vulnerabilities in Docker Engine of B&R APROL Identified

B&R has disclosed several vulnerabilities within Docker Engine components used in APROL systems, documented under CVE IDs CVE-2024-23652, CVE-2024-21626, CVE-2024-23651, CVE-2024-23653, and CVE-2024-23650. These vulnerabilities, affecting versions R4.2 and R4.4 of B&R APROL, could allow local attackers to execute arbitrary code. Updated versions R4.2-070.0.240402 and R4.4-001.0.240327 are available to address these issues. Users are urged to update promptly to mitigate the risks.