Filtered by vendor Universal-robots
Subscribe
Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-10265 | 1 Universal-robots | 7 Ur10, Ur10e, Ur3 and 4 more | 2020-04-06 | 9.0 HIGH | 9.4 CRITICAL |
| Universal Robots Robot Controllers Version CB2 SW Version 1.4 upwards, CB3 SW Version 3.0 and upwards, e-series SW Version 5.0 and upwards expose a service called DashBoard server at port 29999 that allows for control over core robot functions like starting/stopping programs, shutdown, reset safety and more. The DashBoard server is not protected by any kind of authentication or authorization. | |||||
| CVE-2018-10633 | 1 Universal-robots | 2 Cb3.1, Cb3.1 Firmware | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100 utilizes hard-coded credentials that may allow an attacker to reset passwords for the controller. | |||||
| CVE-2018-10635 | 1 Universal-robots | 2 Cb3.1, Cb3.1 Firmware | 2019-10-09 | 10.0 HIGH | 9.8 CRITICAL |
| In Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100, ports 30001/TCP to 30003/TCP listen for arbitrary URScript code and execute the code. This enables a remote attacker who has access to the ports to remotely execute code that may allow root access to be obtained. | |||||