CVE-2019-19872

9.8 CRITICAL

📋 TL;DR

CVE-2019-19872 is a command injection vulnerability in B&R Industrial Automation APROL's AprolLoader component that allows attackers to execute arbitrary commands on affected systems. This affects APROL installations before version R4.2 V7.08. Industrial control systems using vulnerable APROL versions are at risk of complete system compromise.

💻 Affected Systems

Products:
  • B&R Industrial Automation APROL
Versions: All versions before R4.2 V7.08
Operating Systems: Industrial control system platforms running APROL
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the AprolLoader component specifically; industrial control systems in the manufacturing, energy, and critical infrastructure sectors.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system takeover leading to industrial process disruption, data theft, or physical damage to industrial equipment.

🟠 Likely Case

Unauthorized command execution leading to system compromise, data exfiltration, or lateral movement within industrial networks.

🟢 If Mitigated

Limited impact if proper network segmentation and access controls prevent exploitation attempts.

🌐 Internet-Facing: HIGH if APROL systems are exposed to the internet, as the CVSS 9.8 score indicates a network-accessible attack vector.
🏢 Internal Only: HIGH, because the command injection vulnerability could be exploited from within industrial networks.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

CWE-77 indicates a command injection vulnerability; the unspecified attack scenario suggests that exploitation details are not publicly documented.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: R4.2 V7.08 and later

Vendor Advisory: https://www.br-automation.com/downloads_br_productcatalogue/BRP44400000000000000585952/APROL_R42_A1_ReleaseNotes_001.pdf

Restart Required: Yes

Instructions:

1. Download APROL R4.2 V7.08 or later from B&R Industrial Automation.
2. Backup current configuration and data.
3. Install the updated version following vendor documentation.
4. Restart affected systems.
5. Verify functionality post-update.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate APROL systems from untrusted networks and implement strict firewall rules.

Access Control Restrictions

all

Implement strict authentication and authorization controls for APROL system access.

🧯 If You Can't Patch

  • Implement network segmentation to isolate APROL systems from other networks
  • Deploy intrusion detection systems to monitor for exploitation attempts

🔍 How to Verify

Check if Vulnerable:

Check the APROL version in the system administration interface or configuration files; versions before R4.2 V7.08 are vulnerable.

Check Version:

Check through the APROL administration interface or consult the system documentation for version verification.

Verify Fix Applied:

Verify that the APROL version is R4.2 V7.08 or later in the system administration interface.

📡 Detection & Monitoring

Log Indicators:

  • Unusual command execution via AprolLoader
  • Unauthorized system access attempts
  • Abnormal process creation

Network Indicators:

  • Unexpected network connections from APROL systems
  • Suspicious traffic to/from industrial control network

SIEM Query:

source="aprol_logs" AND (event="command_injection" OR (process="AprolLoader" AND suspicious=true))
