CVE-2020-10264

Summary

CB3 SW Version 3.3 and upwards, e-series SW Version 5.0 and upwards allow authenticated access to the RTDE (Real-Time Data Exchange) interface on port 30004 which allows setting registers, the speed slider fraction as well as digital and analog Outputs. Additionally unautheticated reading of robot data is also possible

Affected Software

VendorProductVersion RangeStatus
Universal Robots A/SUniversal Robots Robot Controllers CB 3.1CB3 SW Versions 3.3 up to 3.12.1affected
Universal Robots A/SUniversal Robots Robot Controllers e-Seriesnext of SW Versions 5.0 up to 5.7 < unspecifiedaffected

Weaknesses

  • CWE-200: CWE-200 Information Exposure

ADP Enrichment

CVE Program Container

Additional References

References