Versio.io

CVE-2020-10279

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 24-06-2020 08:15
Last modified: - 25-04-2022 07:39
Total changes: - 2

Description

MiR robot controllers (central computation unit) makes use of Ubuntu 16.04.2 an operating system, Thought for desktop uses, this operating system presents insecure defaults for robots. These insecurities include a way for users to escalate their access beyond what they were granted via file creation, access race conditions, insecure home directory configurations and defaults that facilitate Denial of Service (DoS) attacks.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Low
Attack complexity
Network
Attack vector
High
Availability
High
Confidentiality
High
Integrity
None
Privileges required
Unchanged
Scope
None
User interaction
9.8
Base score
3.9
5.9
Exploitability score
Impact score
 

Verification logic

OR
AND
OR
vendor=aliasrobotics AND product=mir100_firmware AND versionEndIncluding=2.8.1.1
OR
vendor=aliasrobotics AND product=mir100 AND version=-
AND
OR
vendor=aliasrobotics AND product=mir200_firmware AND versionEndIncluding=2.8.1.1
OR
vendor=aliasrobotics AND product=mir200 AND version=-
AND
OR
vendor=aliasrobotics AND product=mir250_firmware AND versionEndIncluding=2.8.1.1
OR
vendor=aliasrobotics AND product=mir250 AND version=-
AND
OR
vendor=aliasrobotics AND product=mir500_firmware AND versionEndIncluding=2.8.1.1
OR
vendor=aliasrobotics AND product=mir500 AND version=-
AND
OR
vendor=aliasrobotics AND product=mir1000_firmware AND versionEndIncluding=2.8.1.1
OR
vendor=aliasrobotics AND product=mir1000 AND version=-
AND
OR
vendor=mobile-industrial-robotics AND product=er200_firmware AND versionEndIncluding=2.8.1.1
OR
vendor=mobile-industrial-robotics AND product=er200 AND version=-
AND
OR
vendor=enabled-robotics AND product=er-lite_firmware AND versionEndIncluding=2.8.1.1
OR
vendor=enabled-robotics AND product=er-lite AND version=-
AND
OR
vendor=enabled-robotics AND product=er-flex_firmware AND versionEndIncluding=2.8.1.1
OR
vendor=enabled-robotics AND product=er-flex AND version=-
AND
OR
vendor=enabled-robotics AND product=er-one_firmware AND versionEndIncluding=2.8.1.1
OR
vendor=enabled-robotics AND product=er-one AND version=-
AND
OR
vendor=uvd-robots AND product=uvd_robots_firmware AND versionEndIncluding=2.8.1.1
OR
vendor=uvd-robots AND product=uvd_robots AND version=-
 

Reference

 


Keywords

NVD

 

CVE-2020-10279

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.