CVE-2020-10268 (GCVE-0-2020-10268)

Vulnerability from cvelistv5 – Published: 2020-06-16 17:55 – Updated: 2024-09-16 18:59
VLAI?
Summary
Critical services for operation can be terminated from windows task manager, bringing the manipulator to a halt. After this a Re-Calibration of the brakes needs to be performed. Be noted that this only can be accomplished either by a Kuka technician or by Kuka issued calibration hardware that interfaces with the manipulator furthering the delay and increasing operational costs.
Severity ?
No CVSS data available.
CWE
Assigner
References
Impacted products
Vendor Product Version
KUKA Roboter GmbH KR3R540, KRC4, KSS8.5.7HF1, Win7_Embedded Affected: unspecified
Create a notification for this product.
Credits
Alias Robotics (group, https://aliasrobotics.com)
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T10:58:40.108Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/aliasrobotics/RVD/issues/2550"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "KR3R540, KRC4, KSS8.5.7HF1, Win7_Embedded",
          "vendor": "KUKA Roboter GmbH",
          "versions": [
            {
              "status": "affected",
              "version": "unspecified"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Alias Robotics (group, https://aliasrobotics.com)"
        }
      ],
      "datePublic": "2020-06-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Critical services for operation can be terminated from windows task manager, bringing the manipulator to a halt. After this a Re-Calibration of the brakes needs to be performed. Be noted that this only can be accomplished either by a Kuka technician or by Kuka issued calibration hardware that interfaces with the manipulator furthering the delay and increasing operational costs."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-749",
              "description": "CWE-749",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-06-16T17:55:11",
        "orgId": "dc524f69-879d-41dc-ab8f-724e78658a1a",
        "shortName": "Alias"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/aliasrobotics/RVD/issues/2550"
        }
      ],
      "source": {
        "defect": [
          "RVD#2550"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "RVD#2550: Terminate Critical Services in KUKA controller KR C4",
      "x_ConverterErrors": {
        "cvssV3_0": {
          "error": "CVSSV3_0 data from v4 record is invalid",
          "message": "Malformed CVSS3 vector, trailing \"/\""
        }
      },
      "x_generator": {
        "engine": "Robot Vulnerability Database (RVD)"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@aliasrobotics.com",
          "DATE_PUBLIC": "2020-06-16T17:49:11 +00:00",
          "ID": "CVE-2020-10268",
          "STATE": "PUBLIC",
          "TITLE": "RVD#2550: Terminate Critical Services in KUKA controller KR C4"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "KR3R540, KRC4, KSS8.5.7HF1, Win7_Embedded",
                      "version": {
                        "version_data": [
                          {
                            "version_value": ""
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "KUKA Roboter GmbH"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Alias Robotics (group, https://aliasrobotics.com)"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Critical services for operation can be terminated from windows task manager, bringing the manipulator to a halt. After this a Re-Calibration of the brakes needs to be performed. Be noted that this only can be accomplished either by a Kuka technician or by Kuka issued calibration hardware that interfaces with the manipulator furthering the delay and increasing operational costs."
            }
          ]
        },
        "generator": {
          "engine": "Robot Vulnerability Database (RVD)"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.1,
            "baseSeverity": "medium",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H/",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-749"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/aliasrobotics/RVD/issues/2550",
              "refsource": "CONFIRM",
              "url": "https://github.com/aliasrobotics/RVD/issues/2550"
            }
          ]
        },
        "source": {
          "defect": [
            "RVD#2550"
          ],
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dc524f69-879d-41dc-ab8f-724e78658a1a",
    "assignerShortName": "Alias",
    "cveId": "CVE-2020-10268",
    "datePublished": "2020-06-16T17:55:11.700406Z",
    "dateReserved": "2020-03-10T00:00:00",
    "dateUpdated": "2024-09-16T18:59:43.071Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:kuka:kr_c4_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"377A0187-FEE3-48BB-A225-30B13FBC3EF9\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:kuka:kr_c4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1A25F107-7654-4B4C-BA1E-4B3098AC4568\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Critical services for operation can be terminated from windows task manager, bringing the manipulator to a halt. After this a Re-Calibration of the brakes needs to be performed. Be noted that this only can be accomplished either by a Kuka technician or by Kuka issued calibration hardware that interfaces with the manipulator furthering the delay and increasing operational costs.\"}, {\"lang\": \"es\", \"value\": \"Los servicios cr\\u00edticos para la operaci\\u00f3n se pueden finalizar desde el administrador de tareas de Windows, provocando que el manipulador se detenga. Despu\\u00e9s de esto, una recalibraci\\u00f3n de los frenos se debe llevar a cabo. Tome en cuenta que esto solo puede lograrlo un t\\u00e9cnico de Kuka o un hardware de calibraci\\u00f3n emitido por Kuka que interact\\u00fae con el manipulador, promoviendo el retraso e incrementando los costos operativos\"}]",
      "id": "CVE-2020-10268",
      "lastModified": "2024-11-21T04:55:06.133",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"PHYSICAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.9, \"impactScore\": 5.2}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:N/I:P/A:P\", \"baseScore\": 3.6, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.9, \"impactScore\": 4.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2020-06-16T18:15:17.027",
      "references": "[{\"url\": \"https://github.com/aliasrobotics/RVD/issues/2550\", \"source\": \"cve@aliasrobotics.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/aliasrobotics/RVD/issues/2550\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "cve@aliasrobotics.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"cve@aliasrobotics.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-749\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-10268\",\"sourceIdentifier\":\"cve@aliasrobotics.com\",\"published\":\"2020-06-16T18:15:17.027\",\"lastModified\":\"2024-11-21T04:55:06.133\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Critical services for operation can be terminated from windows task manager, bringing the manipulator to a halt. After this a Re-Calibration of the brakes needs to be performed. Be noted that this only can be accomplished either by a Kuka technician or by Kuka issued calibration hardware that interfaces with the manipulator furthering the delay and increasing operational costs.\"},{\"lang\":\"es\",\"value\":\"Los servicios cr\u00edticos para la operaci\u00f3n se pueden finalizar desde el administrador de tareas de Windows, provocando que el manipulador se detenga. Despu\u00e9s de esto, una recalibraci\u00f3n de los frenos se debe llevar a cabo. Tome en cuenta que esto solo puede lograrlo un t\u00e9cnico de Kuka o un hardware de calibraci\u00f3n emitido por Kuka que interact\u00fae con el manipulador, promoviendo el retraso e incrementando los costos operativos\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"PHYSICAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.9,\"impactScore\":5.2}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:P/A:P\",\"baseScore\":3.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cve@aliasrobotics.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-749\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:kuka:kr_c4_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"377A0187-FEE3-48BB-A225-30B13FBC3EF9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:kuka:kr_c4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A25F107-7654-4B4C-BA1E-4B3098AC4568\"}]}]}],\"references\":[{\"url\":\"https://github.com/aliasrobotics/RVD/issues/2550\",\"source\":\"cve@aliasrobotics.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/aliasrobotics/RVD/issues/2550\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.