Kuka: >> Kr C4 Firmware Security Vulnerabilities
An attacker can gain VxWorks Shell after login due to hard-coded credentials on a KUKA KR C4 control software for versions prior to 8.7 or any product running KSS.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-05-26
An attacker can gain full access (read/write/delete) to sensitive folders due to hard-coded credentials on KUKA KR C4 control software for versions prior to 8.7 or any product running KSS.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-05-26
Critical services for operation can be terminated from windows task manager, bringing the manipulator to a halt. After this a Re-Calibration of the brakes needs to be performed. Be noted that this only can be accomplished either by a Kuka technician or by Kuka issued calibration hardware that interfaces with the manipulator furthering the delay and increasing operational costs.
CVSS Score
6.1
EPSS Score
0.001
Published
2020-06-16