CVE-2020-10277

Summary

There is no mechanism in place to prevent a bad operator to boot from a live OS image, this can lead to extraction of sensible files (such as the shadow file) or privilege escalation by manually adding a new user with sudo privileges on the machine.

Affected Software

VendorProductVersion RangeStatus
Mobile Industrial Robots A/SMiR100v2.8.1.1 and beforeaffected

Weaknesses

  • CWE-656: CWE-656

ADP Enrichment

CVE Program Container

Additional References

References