CVE-2020-10265
9.4
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Summary
Universal Robots Robot Controllers Version CB2 SW Version 1.4 upwards, CB3 SW Version 3.0 and upwards, e-series SW Version 5.0 and upwards expose a service called DashBoard server at port 29999 that allows for control over core robot functions like starting/stopping programs, shutdown, reset safety and more. The DashBoard server is not protected by any kind of authentication or authorization.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Universal Robots | Universal Robots Robot Controllers CB 2, CB3, e-series | unspecified | affected |
Weaknesses
- CWE-306: CWE-306 (Missing Authentication for Critical Function)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.