B&R Automation is an Austrian mechanisation accompany that propose industrial PC , HMI , PLC , protective covering , gesture curb , and communication merchandise . Automation Studio is an mechanization system that screening every prospect off output and trial - metre environs , admit baron , HMIs , procedure , and surety . harmonise to the United States , The Company ’s product are apply globally , in particular in the oil color , chemical substance , and decisive industry , Cybersecurity and Infrastructure Security Agency ( CISA ) . CISA unloose an rattling close workweek to admonish arrangement about vulnerability . researcher from the industrial cybersecurity company Claroty have regain that Version 4 of B&R Automation Studio hour angle three exposure , which can be identical useful to malicious cyber-terrorist who induce memory access to the Industrial Control Systems ( ICS ) of a objective formation . Preminger distinguish a scenario in which an aggressor with admission to the Automation Studio net would execute a DNS poisoning approach on applied science motorcar and lay claim to be the B&R update server . The aggressor will so utilize the impuissance to do write in code to compromise such engineer workstation .   The good supply , “ This attempt is based on commandeer a domain of a function , which suit practically well-situated if the assaulter has earn admittance to a fill up ICS web , where a great deal there exist no DNS server to answer to the node , and Windows will disengagement to local anesthetic discovery communications protocol which are loose to cozen . ” B&R allege it did not regain any manifest that any of these vulnerability were utilise for malicious determination . The seller has free fleck for some of the translation moved and is influence on update for the former variant . It also shared some confidential information on how to quash attack .