PT-2020-12021 · Mobile Industrial Robots A/S+4 · Mir100+10
Alfonso Glera
+4
·
Publicado
2020-06-24
·
Atualizado
2020-07-06
·
CVE-2020-10272
CVSS v2.0
10
Alta
| Vetor | AV:N/AC:L/Au:N/C:C/I:C/A:C |
MiR100, MiR200 and other MiR robots use the Robot Operating System (ROS) default packages exposing the computational graph without any sort of authentication. This allows attackers with access to the internal wireless and wired networks to take control of the robot seamlessly. In combination with CVE-2020-10269 and CVE-2020-10271, this flaw allows malicious actors to command the robot at desire.
Exploit
Correção
Missing Authentication
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Mir100
Er-Flex Firmware
Er-Lite Firmware
Er-One Firmware
Er200 Firmware
Mir1000 Firmware
Mir100 Firmware
Mir200 Firmware
Mir250 Firmware
Mir500 Firmware
Uvd Robots Firmware