7 matches found
CVE-2020-10273
The CVE-2020-10273 entry concerns MiR robot controllers (MiR MiR100, MiR200, MiR250, MiR500, MiR1000, and MiR Fleet software older than 2.10.2.1) where sensitive intellectual property artifacts are stored without encryption or protection. The root cause is missing encryption of sensitive data on ...
CVE-2020-10269
CVE-2020-10269 (MiR100/MiR200 and possibly other MiR robots) involves a wireless AP mode with default credentials (MiR_RXXXX) that may be present per vendor guidance. Related disclosures (CVE-2020-10271) describe the Robot Operating System (ROS) computational graph being exposed to all network in...
CVE-2020-10279
CVE-2020-10279 is mapped to MiR robot software with insecure default permissions (Incorrect Default Permissions CWE-276) in MiR robots shipped prior to v2.8.3. The vulnerability description notes that an authorized local attacker with access to the robot operating system could perform privilege e...
CVE-2020-10272
CVE-2020-10272 affects MiR100, MiR200 and other MiR robots using ROS default packages that expose the computational graph without authentication. This allows attackers with access to internal networks to take control of the robot. The issue is part of a multi-vulnerability stack (alongside CVE-20...
CVE-2020-10271
MiR robots (MiR100, MiR200, MiR250, MiR500, MiR1000, and MiR Fleet prior to versions stated in advisories) expose the ROS computation graph over internal networks due to default ROS packages and authentication gaps. CVE-2020-10271 is described as the Exposure of Resource to Wrong Sphere: the comp...
CVE-2020-10278
CVE-2020-10278 concerns an unprotected BIOS on Mobile Industrial Robots (MiR) systems, where the BIOS has no password protection. The root issue allows a local operator to modify BIOS settings (e.g., boot order) and potentially boot from a Live Image. The connected documentation confirms MiR prod...
CVE-2020-10270
CVE-2020-10270 affects MiR robotic fleet (MiR100/MiR200, potentially others) where the Control Dashboard is reachable on a hardcoded IP via wired/wireless interfaces. The flaw enables control of the robot through default, widely known credentials, as documented in past guides, and may be extended...