CRITICAL🇬🇧 English

CVE-2020-10272

CVSS 9.8v3.1pub. 2020-06-24upd. 2024-11-21

MiR100, MiR200 and other MiR robots use the Robot Operating System (ROS) default packages exposing the computational graph without any sort of authentication. This allows attackers with access to the internal wireless and wired networks to take control of the robot seamlessly. In combination with CVE-2020-10269 and CVE-2020-10271, this flaw allows malicious actors to command the robot at desire.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Aliasrobotics Mir100

    HW
    Aliasrobotics
    wszystkie wersje
  • Aliasrobotics Mir1000

    HW
    Aliasrobotics
    wszystkie wersje
  • Aliasrobotics Mir1000 Firmware

    OS
    Aliasrobotics
    ≤ 2.8.1.1
  • Aliasrobotics Mir100 Firmware

    OS
    Aliasrobotics
    ≤ 2.8.1.1
  • Aliasrobotics Mir200

    HW
    Aliasrobotics
    wszystkie wersje
  • Aliasrobotics Mir200 Firmware

    OS
    Aliasrobotics
    ≤ 2.8.1.1
  • Aliasrobotics Mir250

    HW
    Aliasrobotics
    wszystkie wersje
  • Aliasrobotics Mir250 Firmware

    OS
    Aliasrobotics
    ≤ 2.8.1.1
  • Aliasrobotics Mir500

    HW
    Aliasrobotics
    wszystkie wersje
  • Aliasrobotics Mir500 Firmware

    OS
    Aliasrobotics
    ≤ 2.8.1.1
  • Enabled Robotics Er Flex

    HW
    Enabled-Robotics
    wszystkie wersje
  • Enabled Robotics Er Flex Firmware

    OS
    Enabled-Robotics
    ≤ 2.8.1.1
  • Enabled Robotics Er Lite

    HW
    Enabled-Robotics
    wszystkie wersje
  • Enabled Robotics Er Lite Firmware

    OS
    Enabled-Robotics
    ≤ 2.8.1.1
  • Enabled Robotics Er One

    HW
    Enabled-Robotics
    wszystkie wersje
  • Enabled Robotics Er One Firmware

    OS
    Enabled-Robotics
    ≤ 2.8.1.1
  • Mobile Industrial Robotics Er200

    HW
    Mobile-Industrial-Robotics
    wszystkie wersje
  • Mobile Industrial Robotics Er200 Firmware

    OS
    Mobile-Industrial-Robotics
    ≤ 2.8.1.1
  • Uvd Robots

    HW
    Uvd-Robots
    wszystkie wersje
  • Uvd Robots Firmware

    OS
    Uvd-Robots
    ≤ 2.8.1.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2020-10269CRITICAL9.8ten sam produkt

One of the wireless interfaces within MiR100, MiR200 and possibly (according to the vendor) other MiR fleet ve...

CVE-2020-10270CRITICAL9.8ten sam produkt

Out of the wired and wireless interfaces within MiR100, MiR200 and other vehicles from the MiR fleet, it's pos...

CVE-2020-10271CRITICAL9.8ten sam produkt

MiR100, MiR200 and other MiR robots use the Robot Operating System (ROS) default packages exposing the computa...

CVE-2020-10279CRITICAL9.8ten sam produkt

MiR robot controllers (central computation unit) makes use of Ubuntu 16.04.2 an operating system, Thought for ...

CVE-2020-10273HIGH7.5ten sam produkt

MiR controllers across firmware versions 2.8.1.1 and before do not encrypt or protect in any way the intellect...

CVE-2020-10272 — CRITICAL 9.8 | CVEbaza.pl