CVE-2020-10284
9.1
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Summary
No authentication is required to control the robot inside the network, moreso the latest available user manual shows an option that lets the user to add a password to the robot but as in xarm_studio 1.3.0 the option is missing from the menu. Assuming manual control, even by forcefully removing the current operator from an active session.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| uFactory | xArm5 Lite, xArm 6 and xArm 7 | v1.5.0 and before | affected |
Weaknesses
- CWE-656: CWE-656
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.