CISA has published an advisory on path traversal, uncontrolled resource consumption, information exposure, improper authentication, and information disclosure vulnerabilities in B&R Automation SiteManager and GateManager. Numerous versions of these products are affected. Successful exploitation of these vulnerabilities could allow for arbitrary information disclosure, manipulation, and a denial-of-service condition. B&R Industrial Automation reports the vulnerabilities have been fixed in other versions. CISA also recommends a series of measures to mitigate the vulnerabilities. Read the advisory at CISA.