CVE-2020-10277
6.4
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
Summary
There is no mechanism in place to prevent a bad operator to boot from a live OS image, this can lead to extraction of sensible files (such as the shadow file) or privilege escalation by manually adding a new user with sudo privileges on the machine.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Mobile Industrial Robots A/S | MiR100 | v2.8.1.1 and before | affected |
Weaknesses
- CWE-656: CWE-656
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.