CVE-2026-6901

B&R Industrial Automation GmbH · APROL

An untrusted search path vulnerability in B&R Industrial Automation APROL allows local authenticated users to escalate privileges by manipulating the application's search environment.

Executive summary

An untrusted search path vulnerability in B&R Industrial Automation APROL versions prior to R 4.4-01P5 poses a high risk of privilege escalation to local attackers.

Vulnerability

The software contains an untrusted search path vulnerability (CWE-426), which permits a local, authenticated attacker to influence the location from which the application loads resources. By placing malicious binaries in the path, an attacker can achieve privilege escalation within the system.

Business impact

With a CVSS score of 7.7, this vulnerability presents a substantial risk to industrial control environments. Successful exploitation allows a local user to gain unauthorized control over the APROL system, potentially leading to the compromise of critical industrial processes and long-term system instability.

Remediation

Immediate Action: Update APROL to version R 4.4-01P5 or higher to remediate the search path vulnerability.

Proactive Monitoring: Monitor system logs for unauthorized file modifications or the execution of unexpected binaries within the application's directory structure.

Compensating Controls: Restrict local user permissions and implement robust file system auditing to prevent unauthorized modification of application configuration and binary paths.

Exploitation status

Public Exploit Available: false

Analyst recommendation

Given the potential impact on industrial control systems, organizations using APROL must prioritize the deployment of the vendor's update. Restricting local access is essential to mitigating the impact of this vulnerability until the patch can be applied.