CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-10290

Universal Robots controller execute URCaps (zip files containing Java-powered applications) without any permission restrictions and a wide API that presents many primitives that can compromise the overall robot operations as demonstrated in our video. In our PoC we demonstrate how a malicious actor could 'cook' a custom URCap that when deployed by the user (intendedly or unintendedly) compromises the system

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 9.1%

CVSS Severity

CVSS v3 Score 6.8

CVSS v2 Score 7.2

References

https://github.com/aliasrobotics/RVD/issues/1495
https://github.com/aliasrobotics/RVD/issues/1495

Products affected by CVE-2020-10290

Sintef » Urx » Version: N/A

cpe:2.3:o:sintef:urx:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-10290

Products

Pricing

Contact Us