ID CVE-2020-10279
Summary MiR robot controllers (central computation unit) makes use of Ubuntu 16.04.2 an operating system, Thought for desktop uses, this operating system presents insecure defaults for robots. These insecurities include a way for users to escalate their access beyond what they were granted via file creation, access race conditions, insecure home directory configurations and defaults that facilitate Denial of Service (DoS) attacks.
References
Vulnerable Configurations
  • cpe:2.3:o:aliasrobotics:mir100_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:aliasrobotics:mir100_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:aliasrobotics:mir100_firmware:2.8.1.1:*:*:*:*:*:*:*
    cpe:2.3:o:aliasrobotics:mir100_firmware:2.8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:h:aliasrobotics:mir100:-:*:*:*:*:*:*:*
    cpe:2.3:h:aliasrobotics:mir100:-:*:*:*:*:*:*:*
  • cpe:2.3:o:aliasrobotics:mir200_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:aliasrobotics:mir200_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:aliasrobotics:mir200_firmware:2.8.1.1:*:*:*:*:*:*:*
    cpe:2.3:o:aliasrobotics:mir200_firmware:2.8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:h:aliasrobotics:mir200:-:*:*:*:*:*:*:*
    cpe:2.3:h:aliasrobotics:mir200:-:*:*:*:*:*:*:*
  • cpe:2.3:o:aliasrobotics:mir250_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:aliasrobotics:mir250_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:aliasrobotics:mir250_firmware:2.8.1.1:*:*:*:*:*:*:*
    cpe:2.3:o:aliasrobotics:mir250_firmware:2.8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:h:aliasrobotics:mir250:-:*:*:*:*:*:*:*
    cpe:2.3:h:aliasrobotics:mir250:-:*:*:*:*:*:*:*
  • cpe:2.3:o:aliasrobotics:mir500_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:aliasrobotics:mir500_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:aliasrobotics:mir500_firmware:2.8.1.1:*:*:*:*:*:*:*
    cpe:2.3:o:aliasrobotics:mir500_firmware:2.8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:h:aliasrobotics:mir500:-:*:*:*:*:*:*:*
    cpe:2.3:h:aliasrobotics:mir500:-:*:*:*:*:*:*:*
  • cpe:2.3:o:aliasrobotics:mir1000_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:aliasrobotics:mir1000_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:aliasrobotics:mir1000_firmware:2.8.1.1:*:*:*:*:*:*:*
    cpe:2.3:o:aliasrobotics:mir1000_firmware:2.8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:h:aliasrobotics:mir1000:-:*:*:*:*:*:*:*
    cpe:2.3:h:aliasrobotics:mir1000:-:*:*:*:*:*:*:*
  • cpe:2.3:o:mobile-industrial-robotics:er200_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:mobile-industrial-robotics:er200_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:mobile-industrial-robotics:er200_firmware:2.8.1.1:*:*:*:*:*:*:*
    cpe:2.3:o:mobile-industrial-robotics:er200_firmware:2.8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:h:mobile-industrial-robotics:er200:-:*:*:*:*:*:*:*
    cpe:2.3:h:mobile-industrial-robotics:er200:-:*:*:*:*:*:*:*
  • cpe:2.3:o:enabled-robotics:er-lite_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:enabled-robotics:er-lite_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:enabled-robotics:er-lite_firmware:2.8.1.1:*:*:*:*:*:*:*
    cpe:2.3:o:enabled-robotics:er-lite_firmware:2.8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:h:enabled-robotics:er-lite:-:*:*:*:*:*:*:*
    cpe:2.3:h:enabled-robotics:er-lite:-:*:*:*:*:*:*:*
  • cpe:2.3:o:enabled-robotics:er-flex_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:enabled-robotics:er-flex_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:enabled-robotics:er-flex_firmware:2.8.1.1:*:*:*:*:*:*:*
    cpe:2.3:o:enabled-robotics:er-flex_firmware:2.8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:h:enabled-robotics:er-flex:-:*:*:*:*:*:*:*
    cpe:2.3:h:enabled-robotics:er-flex:-:*:*:*:*:*:*:*
  • cpe:2.3:o:enabled-robotics:er-one_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:enabled-robotics:er-one_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:enabled-robotics:er-one_firmware:2.8.1.1:*:*:*:*:*:*:*
    cpe:2.3:o:enabled-robotics:er-one_firmware:2.8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:h:enabled-robotics:er-one:-:*:*:*:*:*:*:*
    cpe:2.3:h:enabled-robotics:er-one:-:*:*:*:*:*:*:*
  • cpe:2.3:o:uvd-robots:uvd_robots_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:uvd-robots:uvd_robots_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:uvd-robots:uvd_robots_firmware:2.8.1.1:*:*:*:*:*:*:*
    cpe:2.3:o:uvd-robots:uvd_robots_firmware:2.8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:h:uvd-robots:uvd_robots:-:*:*:*:*:*:*:*
    cpe:2.3:h:uvd-robots:uvd_robots:-:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 25-04-2022 - 17:39)
Impact:
Exploitability:
CWE CWE-1188
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
confirm https://github.com/aliasrobotics/RVD/issues/2569
Last major update 25-04-2022 - 17:39
Published 24-06-2020 - 06:15
Last modified 25-04-2022 - 17:39
Back to Top