Machine-generated analysis · WAYSCloud LLM
The advisory states that the System Diagnostics Manager (SDM) is disabled by default in Automation Runtime 6 and not intended to be enabled outside secured production networks.
Context
ABB B&R Automation Runtime is a software platform used in industrial automation systems. The advisory identifies an improper resource locking vulnerability in the System Diagnostics Manager (SDM) component that could allow an unauthenticated network-based attacker to cause denial of service by deleting data. The vendor notes that SDM is disabled by default and not meant to be enabled on systems outside properly secured environments. This configuration guidance is explicitly emphasized in the remediation text.
Operator considerations
Check: Verify whether System Diagnostics Manager (SDM) is enabled on ABB B&R Automation Runtime systems.
Patch: Update to Automation Runtime version 6.3 or Q4.93 if SDM is in use.
Isolate: Ensure systems with SDM enabled are within secured production networks with strong physical and logical access controls.
An update is available that resolves a vulnerability identified by B&R's internal security analysis in the product versions listed as affected in this advisory. An attacker who successfully exploited this vulnerability could cause the product to stop.
The following versions of ABB B&R Automation Runtime are affected by the DoS vulnerability in System Diagnostics Manager (SDM):
Automation Runtime
Read the full advisory on CISA →