CVE-2020-10284

Summary

No authentication is required to control the robot inside the network, moreso the latest available user manual shows an option that lets the user to add a password to the robot but as in xarm_studio 1.3.0 the option is missing from the menu. Assuming manual control, even by forcefully removing the current operator from an active session.

Affected Software

VendorProductVersion RangeStatus
uFactoryxArm5 Lite, xArm 6 and xArm 7v1.5.0 and beforeaffected

Weaknesses

  • CWE-656: CWE-656

ADP Enrichment

CVE Program Container

Additional References

References