HIGH🇵🇱 Wersja polska

CVE-2024-1913

CVSS 7.6v3.1pub. 2024-05-14upd. 2025-12-19

An attacker who successfully exploited these vulnerabilities could cause the robot to stop, make the robot controller inaccessible, or execute arbitrary code.  The vulnerability could potentially be exploited to perform unauthorized actions by an attacker. This vulnerability arises under specific condition when specially crafted message is processed by the system. Below are reported vulnerabilities in the Robot Ware versions. * IRC5- RobotWare 6 < 6.15.06 except 6.10.10, and 6.13.07 * OmniCore- RobotWare 7 < 7.14

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  • Abb Irc5

    HW
    Abb
    wszystkie wersje
  • Abb Omnicore C30

    HW
    Abb
    wszystkie wersje
  • Abb Omnicore C90xt

    HW
    Abb
    wszystkie wersje
  • Abb Omnicore E10

    HW
    Abb
    wszystkie wersje
  • Abb Omnicore V250xt

    HW
    Abb
    wszystkie wersje
  • Abb Omnicore V400xt

    HW
    Abb
    wszystkie wersje
  • Abb Robotware

    APP
    Abb
    7.00 – 7.14 (bez)< 6.15.06< 6.13.076.0.0 – 6.10.10 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2021-22279CRITICAL9.8ten sam produkt

A Missing Authentication vulnerability in RobotWare for the OmniCore robot controller allows an attacker to re...

CVE-2020-10287CRITICAL9.8ten sam produkt

The IRC5 family with UAS service enabled comes by default with credentials that can be found on publicly avail...

CVE-2020-10288CRITICAL9.8ten sam produkt

IRC5 exposes an ftp server (port 21). Upon attempting to gain access you are challenged with a request of user...

CVE-2024-1914MEDIUM6.5ten sam produkt

An attacker who successfully exploited these vulnerabilities could cause the robot to stop, make the robot con...

CVE-2024-51547CRITICAL9.3PL ✓ten sam vendor

Zakodowane na stałe dane uwierzytelniające w urządzeniach ABB ASPECT/NEXUS/MATRIX