7 matches found

Cvelist
added 2020/08/21 3:5 p.m. | 9 views

CVE-2020-10290 RVD#1495: Universal Robots URCaps execute with unbounded privileges

Universal Robots controller executes URCaps zip files containing Java-powered applications without any permission restrictions and a wide API that presents many primitives that can compromise the overall robot operations as demonstrated in our video. In our PoC we demonstrate how a malicious actor...

CVSS 6.8 | AI score 6.7 | EPSS 0.00036
Exploits: 0 | References: 1

Cvelist
added 2020/08/20 8:5 a.m. | 10 views

CVE-2020-10289 RVD#2401: Use of unsafe yaml load, ./src/actionlib/tools/library.py:132

Use of unsafe yaml load. Allows instantiation of arbitrary objects. The flaw itself is caused by an unsafe parsing of YAML values which happens whenever an action message is processed to be sent, and allows for the creation of Python objects. Through this flaw in the ROS core package of actionlib...

CVSS 8 | AI score 8.9 | EPSS 0.00802
Exploits: 0 | References: 1

Cvelist
added 2020/07/15 10:15 p.m. | 12 views

CVE-2020-10288 RVD#3327: No authentication required for accessing ABB IRC5 FTP server

IRC5 exposes an FTP server (port 21). Upon attempting to gain access you are challenged with a request of username and password, however you can input whatever you like. As long as the field isn't empty it will be accepted...

CVSS 9.8 | AI score 9.6 | EPSS 0.00363
Exploits: 0 | References: 1

Cvelist
added 2020/07/15 9:15 p.m. | 15 views

CVE-2020-10286 RVD#3323: Mismanaged permission implementation leads to privilege escalation, exfiltration of sensitive information, and DoS

The main user account has restricted privileges but is in the sudoers group and there is not any mechanism in place to prevent sudo su or sudo -i from being run, gaining unrestricted access to sensible files, encryption, or issue orders that disrupt robot operation...

CVSS 9.4 | AI score 8.7 | EPSS 0.00195
Exploits: 0 | References: 1

Cvelist
added 2020/07/03 2:30 p.m. | 11 views

CVE-2020-10281 RVD#3315: Cleartext transmission of sensitive information in MAVLink protocol version 1.0 and 2.0

This vulnerability applies to the Micro Air Vehicle Link (MAVLink) protocol and allows a remote attacker to gain access to sensitive information provided it has access to the communication medium. MAVLink is a header-based protocol that does not perform encryption to improve transfer and reception...

CVSS 7.5 | AI score 7.6 | EPSS 0.00099
Exploits: 0 | References: 1

Cvelist
added 2020/04/06 12:8 p.m. | 13 views

CVE-2020-10266 RVD#1487: No integrity checks on UR+ platform artifacts when installed in the robot

UR+ (Universal Robots+) is a platform of hardware and software component sellers, for Universal Robots robots. When installing any of these components in the robots (e.g. in the UR10), no integrity checks are performed. Moreover, the SDK for making such components can be easily obtained from Universa...

CVSS 8.8 | AI score 8.1 | EPSS 0.00141
Exploits: 0 | References: 1

NVD
added 2007/08/03 9:17 p.m. | 10 views

CVE-2007-4161

rvd in TIBCO Rendezvous (RV) 7.5.2, when -no-lead-wc is omitted, might allow remote attackers to cause a denial of service (network instability) via a subject name with a leading (1) '*' (asterisk) or (2) '>' (greater than) wildcard character...

CVSS 4.3 | AI score 6.7 | EPSS 0.01242
Exploits: 0 | References: 6