CRITICAL🇵🇱 Wersja polska

CVE-2020-10276

CVSS 9.8v3.1pub. 2020-06-24upd. 2024-11-21

The password for the safety PLC is the default and thus easy to find (in manuals, etc.). This allows a manipulated program to be uploaded to the safety PLC, effectively disabling the emergency stop in case an object is too close to the robot. Navigation and any other components dependent on the laser scanner are not affected (thus it is hard to detect before something happens) though the laser scanner configuration can also be affected altering further the safety of the device.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Easyrobotics Er200

    HW
    Easyrobotics
    wszystkie wersje
  • Easyrobotics Er200 Firmware

    OS
    Easyrobotics
    wszystkie wersje
  • Easyrobotics Er Flex

    HW
    Easyrobotics
    wszystkie wersje
  • Easyrobotics Er Flex Firmware

    OS
    Easyrobotics
    wszystkie wersje
  • Easyrobotics Er Lite

    HW
    Easyrobotics
    wszystkie wersje
  • Easyrobotics Er Lite Firmware

    OS
    Easyrobotics
    wszystkie wersje
  • Easyrobotics Er One

    HW
    Easyrobotics
    wszystkie wersje
  • Easyrobotics Er One Firmware

    OS
    Easyrobotics
    wszystkie wersje
  • Mobile Industrial Robots Mir100

    HW
    Mobile-Industrial-Robots
    wszystkie wersje
  • Mobile Industrial Robots Mir1000

    HW
    Mobile-Industrial-Robots
    wszystkie wersje
  • Mobile Industrial Robots Mir1000 Firmware

    OS
    Mobile-Industrial-Robots
    wszystkie wersje
  • Mobile Industrial Robots Mir100 Firmware

    OS
    Mobile-Industrial-Robots
    ≤ 2.8.1.1
  • Mobile Industrial Robots Mir200

    HW
    Mobile-Industrial-Robots
    wszystkie wersje
  • Mobile Industrial Robots Mir200 Firmware

    OS
    Mobile-Industrial-Robots
    wszystkie wersje
  • Mobile Industrial Robots Mir250

    HW
    Mobile-Industrial-Robots
    wszystkie wersje
  • Mobile Industrial Robots Mir250 Firmware

    OS
    Mobile-Industrial-Robots
    wszystkie wersje
  • Mobile Industrial Robots Mir500

    HW
    Mobile-Industrial-Robots
    wszystkie wersje
  • Mobile Industrial Robots Mir500 Firmware

    OS
    Mobile-Industrial-Robots
    wszystkie wersje
  • Uvd Robots Uvd

    HW
    Uvd-Robots
    wszystkie wersje
  • Uvd Robots Uvd Firmware

    OS
    Uvd-Robots
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2020-10275CRITICAL9.8ten sam produkt

The access tokens for the REST API are directly derived from the publicly available default credentials for th...

CVE-2020-10274HIGH7.1ten sam produkt

The access tokens for the REST API are directly derived (sha256 and base64 encoding) from the publicly availab...

CVE-2020-10280HIGH7.5ten sam produkt

The Apache server on port 80 that host the web interface is vulnerable to a DoS by spamming incomplete HTTP he...

CVE-2020-10277MEDIUM6.4ten sam produkt

There is no mechanism in place to prevent a bad operator to boot from a live OS image, this can lead to extrac...

CVE-2020-10269CRITICAL9.8ten sam vendor

One of the wireless interfaces within MiR100, MiR200 and possibly (according to the vendor) other MiR fleet ve...