What is the severity of CVE-2020-11644?

CVE-2020-11644 is classified as an information disclosure vulnerability.

How do I fix CVE-2020-11644?

To fix CVE-2020-11644, update the B&R GateManager to version 9.0.20262 or later for GateManager 4260 and 9250, or version 9.2.620236042 or later for GateManager 8250.

Which versions are affected by CVE-2020-11644?

CVE-2020-11644 affects B&R GateManager 4260 and 9250 versions below 9.0.20262 and GateManager 8250 versions below 9.2.620236042.

Who is the vendor for CVE-2020-11644?

The vendor for CVE-2020-11644 is B&R Industrial Automation GmbH.

What types of systems are vulnerable to CVE-2020-11644?

CVE-2020-11644 impacts B&R GateManager systems including models 4260, 9250, and 8250 running specific firmware versions.

Vulnerability/
CVE-2020-11644

medium

6.5

CWE

117 287

29/9/2020

4/8/2024

CVE-2020-11644: GateManager Audit Message Spoofing Vulnerability

First published: Tue Sep 29 2020(Updated: )

The information disclosure vulnerability present in B&R GateManager 4260 and 9250 versions <9.0.20262 and GateManager 8250 versions <9.2.620236042 allows authenticated users to generate fake audit log messages.

Credit: cybersecurity@ch.abb.com

Affected Software	Affected Version	How to fix
B&R Industrial Automation GmbH SiteManager
B&R Industrial Automation GmbH GateManager
B&R Industrial Automation GmbH GateManager
B&R Industrial Automation Gatemanager 9250	<9.0.20262
B&R Industrial Automation Gatemanager 9250
Secomea Gatemanager 4260 Firmware	<9.0.20262
Secomea GateManager
Secomea Gatemanager 8250 Firmware	<9.2.620236042
Secomea Gatemanager 8250 Firmware

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

ICSA-20-273-03

Frequently Asked Questions

What is the severity of CVE-2020-11644?
CVE-2020-11644 is classified as an information disclosure vulnerability.
How do I fix CVE-2020-11644?
To fix CVE-2020-11644, update the B&R GateManager to version 9.0.20262 or later for GateManager 4260 and 9250, or version 9.2.620236042 or later for GateManager 8250.
Which versions are affected by CVE-2020-11644?
CVE-2020-11644 affects B&R GateManager 4260 and 9250 versions below 9.0.20262 and GateManager 8250 versions below 9.2.620236042.
Who is the vendor for CVE-2020-11644?
The vendor for CVE-2020-11644 is B&R Industrial Automation GmbH.
What types of systems are vulnerable to CVE-2020-11644?
CVE-2020-11644 impacts B&R GateManager systems including models 4260, 9250, and 8250 running specific firmware versions.

agent/type
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/author
agent/description
agent/first-publish-date
agent/title
agent/severity
agent/weakness
agent/references
agent/event
agent/source
collector/ics-cert-advisory
source/ICS
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/softwarecombine
agent/tags
collector/nvd-index
vendor/b&r industrial automation gmbh
canonical/b&r industrial automation gmbh sitemanager
canonical/b&r industrial automation gmbh gatemanager
vendor/br-automation
canonical/b&r industrial automation gatemanager 9250
canonical/secomea gatemanager 4260 firmware
canonical/secomea gatemanager
canonical/secomea gatemanager 8250 firmware

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.