Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Universal Robots Security Vulnerabilities

cve
cve

CVE-2020-10290

Universal Robots controller execute URCaps (zip files containing Java-powered applications) without any permission restrictions and a wide API that presents many primitives that can compromise the overall robot operations as demonstrated in our video. In our PoC we demonstrate how a malicious...

6.8CVSS

6.6AI Score

0.001EPSS

2020-08-21 03:15 PM
24
cve
cve

CVE-2020-10267

Universal Robots control box CB 3.1 across firmware versions (tested on 1.12.1, 1.12, 1.11 and 1.10) does not encrypt or protect in any way the intellectual property artifacts installed from the UR+ platform of hardware and software components (URCaps). These files (*.urcaps) are stored under...

7.5CVSS

7.4AI Score

0.003EPSS

2020-04-06 12:15 PM
17
cve
cve

CVE-2020-10266

UR+ (Universal Robots+) is a platform of hardware and software component sellers, for Universal Robots robots. When installing any of these components in the robots (e.g. in the UR10), no integrity checks are performed. Moreover, the SDK for making such components can be easily obtained from...

8.1CVSS

7.9AI Score

0.002EPSS

2020-04-06 12:15 PM
17
cve
cve

CVE-2020-10264

CB3 SW Version 3.3 and upwards, e-series SW Version 5.0 and upwards allow authenticated access to the RTDE (Real-Time Data Exchange) interface on port 30004 which allows setting registers, the speed slider fraction as well as digital and analog Outputs. Additionally unautheticated reading of robot....

8.8CVSS

8.5AI Score

0.001EPSS

2020-04-06 12:15 PM
18
cve
cve

CVE-2020-10265

Universal Robots Robot Controllers Version CB2 SW Version 1.4 upwards, CB3 SW Version 3.0 and upwards, e-series SW Version 5.0 and upwards expose a service called DashBoard server at port 29999 that allows for control over core robot functions like starting/stopping programs, shutdown, reset...

9.4CVSS

9.5AI Score

0.001EPSS

2020-04-06 12:15 PM
18
cve
cve

CVE-2018-10635

In Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100, ports 30001/TCP to 30003/TCP listen for arbitrary URScript code and execute the code. This enables a remote attacker who has access to the ports to remotely execute code that may allow root access to be...

9.8CVSS

9.5AI Score

0.008EPSS

2018-07-11 05:29 PM
27
cve
cve

CVE-2018-10633

Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100 utilizes hard-coded credentials that may allow an attacker to reset passwords for the...

9.8CVSS

9.3AI Score

0.002EPSS

2018-07-11 05:29 PM
21