PT-2022-8317 · Kuka · Kuka.Sim Pro
Federico Maggi
·
Published
2022-02-24
·
Updated
2022-03-04
·
CVE-2020-10635
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
KUKA.Sim Pro version 3.1
Description
The issue concerns the transmission of simulation models in plaintext from a KUKA-maintained server to devices requesting these models.
Recommendations
For KUKA.Sim Pro version 3.1, consider implementing encryption for model transmissions to prevent unauthorized access to the models.
As a temporary workaround, restrict access to the server hosting the simulation models to minimize the risk of exploitation.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Kuka.Sim Pro