Search criteria
6 vulnerabilities by Universal Robots
CVE-2020-10290 (GCVE-0-2020-10290)
Vulnerability from cvelistv5 – Published: 2020-08-21 15:05 – Updated: 2024-09-16 19:15
VLAI?
Summary
Universal Robots controller execute URCaps (zip files containing Java-powered applications) without any permission restrictions and a wide API that presents many primitives that can compromise the overall robot operations as demonstrated in our video. In our PoC we demonstrate how a malicious actor could 'cook' a custom URCap that when deployed by the user (intendedly or unintendedly) compromises the system
Severity ?
6.8 (Medium)
CWE
- CWE-250 - (Execution with Unnecessary Privileges)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Universal Robots | URx |
Affected:
unspecified
|
Credits
Victor Mayoral Vilches and Unai Ayucar Carbajo (Alias Robotics)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:58:40.357Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/aliasrobotics/RVD/issues/1495"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "URx",
"vendor": "Universal Robots",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Victor Mayoral Vilches and Unai Ayucar Carbajo (Alias Robotics)"
}
],
"datePublic": "2020-08-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Universal Robots controller execute URCaps (zip files containing Java-powered applications) without any permission restrictions and a wide API that presents many primitives that can compromise the overall robot operations as demonstrated in our video. In our PoC we demonstrate how a malicious actor could \u0027cook\u0027 a custom URCap that when deployed by the user (intendedly or unintendedly) compromises the system"
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250 (Execution with Unnecessary Privileges)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-21T15:05:19",
"orgId": "dc524f69-879d-41dc-ab8f-724e78658a1a",
"shortName": "Alias"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aliasrobotics/RVD/issues/1495"
}
],
"source": {
"defect": [
"RVD#1495"
],
"discovery": "EXTERNAL"
},
"title": "RVD#1495: Universal Robots URCaps execute with unbounded privileges",
"x_generator": {
"engine": "Robot Vulnerability Database (RVD)"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@aliasrobotics.com",
"DATE_PUBLIC": "2020-08-21T15:02:38 +00:00",
"ID": "CVE-2020-10290",
"STATE": "PUBLIC",
"TITLE": "RVD#1495: Universal Robots URCaps execute with unbounded privileges"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "URx",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Universal Robots"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Victor Mayoral Vilches and Unai Ayucar Carbajo (Alias Robotics)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Universal Robots controller execute URCaps (zip files containing Java-powered applications) without any permission restrictions and a wide API that presents many primitives that can compromise the overall robot operations as demonstrated in our video. In our PoC we demonstrate how a malicious actor could \u0027cook\u0027 a custom URCap that when deployed by the user (intendedly or unintendedly) compromises the system"
}
]
},
"generator": {
"engine": "Robot Vulnerability Database (RVD)"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "medium",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-250 (Execution with Unnecessary Privileges)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/aliasrobotics/RVD/issues/1495",
"refsource": "CONFIRM",
"url": "https://github.com/aliasrobotics/RVD/issues/1495"
}
]
},
"source": {
"defect": [
"RVD#1495"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dc524f69-879d-41dc-ab8f-724e78658a1a",
"assignerShortName": "Alias",
"cveId": "CVE-2020-10290",
"datePublished": "2020-08-21T15:05:19.977025Z",
"dateReserved": "2020-03-10T00:00:00",
"dateUpdated": "2024-09-16T19:15:10.454Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10266 (GCVE-0-2020-10266)
Vulnerability from cvelistv5 – Published: 2020-04-06 12:08 – Updated: 2024-09-16 23:15
VLAI?
Summary
UR+ (Universal Robots+) is a platform of hardware and software component sellers, for Universal Robots robots. When installing any of these components in the robots (e.g. in the UR10), no integrity checks are performed. Moreover, the SDK for making such components can be easily obtained from Universal Robots. An attacker could exploit this flaw by crafting a custom component with the SDK, performing Person-In-The-Middle attacks (PITM) and shipping the maliciously-crafted component on demand.
Severity ?
8.8 (High)
CWE
- CWE-353 - (Missing Support for Integrity Check)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Universal Robots | URx |
Affected:
CB3 SW Versions 3.3 up to 3.12.1
|
Credits
Víctor Mayoral Vilches <victor@aliasrobotics.com>, Mike Karamousadakis, Lander Usategui San Juan
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:58:40.121Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/aliasrobotics/RVD/issues/1487"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "URx",
"vendor": "Universal Robots",
"versions": [
{
"status": "affected",
"version": "CB3 SW Versions 3.3 up to 3.12.1"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "V\u00edctor Mayoral Vilches \u003cvictor@aliasrobotics.com\u003e, Mike Karamousadakis, Lander Usategui San Juan"
}
],
"datePublic": "2020-04-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "UR+ (Universal Robots+) is a platform of hardware and software component sellers, for Universal Robots robots. When installing any of these components in the robots (e.g. in the UR10), no integrity checks are performed. Moreover, the SDK for making such components can be easily obtained from Universal Robots. An attacker could exploit this flaw by crafting a custom component with the SDK, performing Person-In-The-Middle attacks (PITM) and shipping the maliciously-crafted component on demand."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-353",
"description": "CWE-353 (Missing Support for Integrity Check)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-06T12:08:40",
"orgId": "dc524f69-879d-41dc-ab8f-724e78658a1a",
"shortName": "Alias"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aliasrobotics/RVD/issues/1487"
}
],
"source": {
"defect": [
"RVD#1487"
],
"discovery": "EXTERNAL"
},
"title": "RVD#1487: No integrity checks on UR+ platform artifacts when installed in the robot",
"x_generator": {
"engine": "Robot Vulnerability Database (RVD)"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@aliasrobotics.com",
"DATE_PUBLIC": "2020-04-04T16:53:42 +00:00",
"ID": "CVE-2020-10266",
"STATE": "PUBLIC",
"TITLE": "RVD#1487: No integrity checks on UR+ platform artifacts when installed in the robot"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "URx",
"version": {
"version_data": [
{
"version_value": "CB3 SW Versions 3.3 up to 3.12.1"
}
]
}
}
]
},
"vendor_name": "Universal Robots"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "V\u00edctor Mayoral Vilches \u003cvictor@aliasrobotics.com\u003e, Mike Karamousadakis, Lander Usategui San Juan"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "UR+ (Universal Robots+) is a platform of hardware and software component sellers, for Universal Robots robots. When installing any of these components in the robots (e.g. in the UR10), no integrity checks are performed. Moreover, the SDK for making such components can be easily obtained from Universal Robots. An attacker could exploit this flaw by crafting a custom component with the SDK, performing Person-In-The-Middle attacks (PITM) and shipping the maliciously-crafted component on demand."
}
]
},
"generator": {
"engine": "Robot Vulnerability Database (RVD)"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "high",
"confidentialityImpact": "LOW",
"integrityImpact": "REQUIRED",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-353 (Missing Support for Integrity Check)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/aliasrobotics/RVD/issues/1487",
"refsource": "CONFIRM",
"url": "https://github.com/aliasrobotics/RVD/issues/1487"
}
]
},
"source": {
"defect": [
"RVD#1487"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dc524f69-879d-41dc-ab8f-724e78658a1a",
"assignerShortName": "Alias",
"cveId": "CVE-2020-10266",
"datePublished": "2020-04-06T12:08:40.708577Z",
"dateReserved": "2020-03-10T00:00:00",
"dateUpdated": "2024-09-16T23:15:36.851Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10265 (GCVE-0-2020-10265)
Vulnerability from cvelistv5 – Published: 2020-04-06 12:08 – Updated: 2024-09-17 03:07
VLAI?
Summary
Universal Robots Robot Controllers Version CB2 SW Version 1.4 upwards, CB3 SW Version 3.0 and upwards, e-series SW Version 5.0 and upwards expose a service called DashBoard server at port 29999 that allows for control over core robot functions like starting/stopping programs, shutdown, reset safety and more. The DashBoard server is not protected by any kind of authentication or authorization.
Severity ?
9.4 (Critical)
CWE
- CWE-306 - (Missing Authentication for Critical Function)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Universal Robots | Universal Robots Robot Controllers CB 2, CB3, e-series |
Affected:
unspecified
|
Credits
Bernhard Dieber, Benjamin Breiling (and many others)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:58:39.935Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.universal-robots.com/how-tos-and-faqs/how-to/ur-how-tos/real-time-data-exchange-rtde-guide/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Universal Robots Robot Controllers CB 2, CB3, e-series",
"vendor": "Universal Robots",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Bernhard Dieber, Benjamin Breiling (and many others)"
}
],
"datePublic": "2020-04-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Universal Robots Robot Controllers Version CB2 SW Version 1.4 upwards, CB3 SW Version 3.0 and upwards, e-series SW Version 5.0 and upwards expose a service called DashBoard server at port 29999 that allows for control over core robot functions like starting/stopping programs, shutdown, reset safety and more. The DashBoard server is not protected by any kind of authentication or authorization."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 (Missing Authentication for Critical Function)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-06T12:08:40",
"orgId": "dc524f69-879d-41dc-ab8f-724e78658a1a",
"shortName": "Alias"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.universal-robots.com/how-tos-and-faqs/how-to/ur-how-tos/real-time-data-exchange-rtde-guide/"
}
],
"source": {
"defect": [
"RVD#1443"
],
"discovery": "EXTERNAL"
},
"title": "RVD#1443: UR dashboard server enables unauthenticated remote control of core robot functions",
"x_generator": {
"engine": "Robot Vulnerability Database (RVD)"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@aliasrobotics.com",
"DATE_PUBLIC": "2020-04-04T15:38:55 +00:00",
"ID": "CVE-2020-10265",
"STATE": "PUBLIC",
"TITLE": "RVD#1443: UR dashboard server enables unauthenticated remote control of core robot functions"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Universal Robots Robot Controllers CB 2, CB3, e-series",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Universal Robots"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Bernhard Dieber, Benjamin Breiling (and many others)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Universal Robots Robot Controllers Version CB2 SW Version 1.4 upwards, CB3 SW Version 3.0 and upwards, e-series SW Version 5.0 and upwards expose a service called DashBoard server at port 29999 that allows for control over core robot functions like starting/stopping programs, shutdown, reset safety and more. The DashBoard server is not protected by any kind of authentication or authorization."
}
]
},
"generator": {
"engine": "Robot Vulnerability Database (RVD)"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.4,
"baseSeverity": "critical",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-306 (Missing Authentication for Critical Function)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.universal-robots.com/how-tos-and-faqs/how-to/ur-how-tos/real-time-data-exchange-rtde-guide/",
"refsource": "CONFIRM",
"url": "https://www.universal-robots.com/how-tos-and-faqs/how-to/ur-how-tos/real-time-data-exchange-rtde-guide/"
}
]
},
"source": {
"defect": [
"RVD#1443"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dc524f69-879d-41dc-ab8f-724e78658a1a",
"assignerShortName": "Alias",
"cveId": "CVE-2020-10265",
"datePublished": "2020-04-06T12:08:40.665519Z",
"dateReserved": "2020-03-10T00:00:00",
"dateUpdated": "2024-09-17T03:07:51.861Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10267 (GCVE-0-2020-10267)
Vulnerability from cvelistv5 – Published: 2020-04-06 12:08 – Updated: 2024-09-16 23:52
VLAI?
Summary
Universal Robots control box CB 3.1 across firmware versions (tested on 1.12.1, 1.12, 1.11 and 1.10) does not encrypt or protect in any way the intellectual property artifacts installed from the UR+ platform of hardware and software components (URCaps). These files (*.urcaps) are stored under '/root/.urcaps' as plain zip files containing all the logic to add functionality to the UR3, UR5 and UR10 robots. This flaw allows attackers with access to the robot or the robot network (while in combination with other flaws) to retrieve and easily exfiltrate all installed intellectual property.
Severity ?
7.5 (High)
CWE
- CWE-311 - (Missing Encryption of Sensitive Data)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Universal Robots | UR3, UR5 and UR10 |
Affected:
unspecified
|
Credits
Víctor Mayoral Vilches <victor@aliasrobotics.com>
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:58:40.580Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/aliasrobotics/RVD/issues/1489"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UR3, UR5 and UR10",
"vendor": "Universal Robots",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "V\u00edctor Mayoral Vilches \u003cvictor@aliasrobotics.com\u003e"
}
],
"datePublic": "2020-04-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Universal Robots control box CB 3.1 across firmware versions (tested on 1.12.1, 1.12, 1.11 and 1.10) does not encrypt or protect in any way the intellectual property artifacts installed from the UR+ platform of hardware and software components (URCaps). These files (*.urcaps) are stored under \u0027/root/.urcaps\u0027 as plain zip files containing all the logic to add functionality to the UR3, UR5 and UR10 robots. This flaw allows attackers with access to the robot or the robot network (while in combination with other flaws) to retrieve and easily exfiltrate all installed intellectual property."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-311",
"description": "CWE-311 (Missing Encryption of Sensitive Data)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-06T12:08:40",
"orgId": "dc524f69-879d-41dc-ab8f-724e78658a1a",
"shortName": "Alias"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aliasrobotics/RVD/issues/1489"
}
],
"source": {
"defect": [
"RVD#1489"
],
"discovery": "EXTERNAL"
},
"title": "RVD#1489: Unprotected intelectual property in Universal Robots controller CB 3.1 across firmware versions",
"x_generator": {
"engine": "Robot Vulnerability Database (RVD)"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@aliasrobotics.com",
"DATE_PUBLIC": "2020-04-04T17:31:46 +00:00",
"ID": "CVE-2020-10267",
"STATE": "PUBLIC",
"TITLE": "RVD#1489: Unprotected intelectual property in Universal Robots controller CB 3.1 across firmware versions"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UR3, UR5 and UR10",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Universal Robots"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "V\u00edctor Mayoral Vilches \u003cvictor@aliasrobotics.com\u003e"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Universal Robots control box CB 3.1 across firmware versions (tested on 1.12.1, 1.12, 1.11 and 1.10) does not encrypt or protect in any way the intellectual property artifacts installed from the UR+ platform of hardware and software components (URCaps). These files (*.urcaps) are stored under \u0027/root/.urcaps\u0027 as plain zip files containing all the logic to add functionality to the UR3, UR5 and UR10 robots. This flaw allows attackers with access to the robot or the robot network (while in combination with other flaws) to retrieve and easily exfiltrate all installed intellectual property."
}
]
},
"generator": {
"engine": "Robot Vulnerability Database (RVD)"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "high",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-311 (Missing Encryption of Sensitive Data)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/aliasrobotics/RVD/issues/1489",
"refsource": "CONFIRM",
"url": "https://github.com/aliasrobotics/RVD/issues/1489"
}
]
},
"source": {
"defect": [
"RVD#1489"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dc524f69-879d-41dc-ab8f-724e78658a1a",
"assignerShortName": "Alias",
"cveId": "CVE-2020-10267",
"datePublished": "2020-04-06T12:08:40.743755Z",
"dateReserved": "2020-03-10T00:00:00",
"dateUpdated": "2024-09-16T23:52:16.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10635 (GCVE-0-2018-10635)
Vulnerability from cvelistv5 – Published: 2018-07-11 17:00 – Updated: 2024-09-17 03:18
VLAI?
Summary
In Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100, ports 30001/TCP to 30003/TCP listen for arbitrary URScript code and execute the code. This enables a remote attacker who has access to the ports to remotely execute code that may allow root access to be obtained.
Severity ?
No CVSS data available.
CWE
- CWE-306 - MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Universal Robots | Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100 |
Affected:
Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.326Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104710",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104710"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-191-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100",
"vendor": "Universal Robots",
"versions": [
{
"status": "affected",
"version": "Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100"
}
]
}
],
"datePublic": "2018-07-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100, ports 30001/TCP to 30003/TCP listen for arbitrary URScript code and execute the code. This enables a remote attacker who has access to the ports to remotely execute code that may allow root access to be obtained."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-12T09:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "104710",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104710"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-191-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2018-07-10T00:00:00",
"ID": "CVE-2018-10635",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100",
"version": {
"version_data": [
{
"version_value": "Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100"
}
]
}
}
]
},
"vendor_name": "Universal Robots"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100, ports 30001/TCP to 30003/TCP listen for arbitrary URScript code and execute the code. This enables a remote attacker who has access to the ports to remotely execute code that may allow root access to be obtained."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104710",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104710"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-191-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-191-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-10635",
"datePublished": "2018-07-11T17:00:00Z",
"dateReserved": "2018-05-01T00:00:00",
"dateUpdated": "2024-09-17T03:18:19.429Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10633 (GCVE-0-2018-10633)
Vulnerability from cvelistv5 – Published: 2018-07-11 17:00 – Updated: 2024-09-17 01:00
VLAI?
Summary
Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100 utilizes hard-coded credentials that may allow an attacker to reset passwords for the controller.
Severity ?
No CVSS data available.
CWE
- CWE-798 - USE OF HARD-CODED CREDENTIALS CWE-798
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Universal Robots | Universal Robots Robot Controller version CB 3.1, SW Version 3.4.5-100 |
Affected:
Universal Robots Robot Controller version CB 3.1, SW Version 3.4.5-100
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.438Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104710",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104710"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-191-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Universal Robots Robot Controller version CB 3.1, SW Version 3.4.5-100",
"vendor": "Universal Robots",
"versions": [
{
"status": "affected",
"version": "Universal Robots Robot Controller version CB 3.1, SW Version 3.4.5-100"
}
]
}
],
"datePublic": "2018-07-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100 utilizes hard-coded credentials that may allow an attacker to reset passwords for the controller."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "USE OF HARD-CODED CREDENTIALS CWE-798",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-12T09:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "104710",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104710"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-191-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2018-07-10T00:00:00",
"ID": "CVE-2018-10633",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Universal Robots Robot Controller version CB 3.1, SW Version 3.4.5-100",
"version": {
"version_data": [
{
"version_value": "Universal Robots Robot Controller version CB 3.1, SW Version 3.4.5-100"
}
]
}
}
]
},
"vendor_name": "Universal Robots"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100 utilizes hard-coded credentials that may allow an attacker to reset passwords for the controller."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "USE OF HARD-CODED CREDENTIALS CWE-798"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104710",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104710"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-191-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-191-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-10633",
"datePublished": "2018-07-11T17:00:00Z",
"dateReserved": "2018-05-01T00:00:00",
"dateUpdated": "2024-09-17T01:00:45.449Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}