{"id": "CVE-2020-10273", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "
[email protected]", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "
[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}], "cvssMetricV31": [{"type": "Primary", "source": "
[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2020-06-24T05:15:13.020", "references": [{"url": "https://github.com/aliasrobotics/RVD/issues/2560", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "
[email protected]"}, {"url": "https://github.com/aliasrobotics/RVD/issues/2560", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "
[email protected]", "description": [{"lang": "en", "value": "CWE-311"}]}, {"type": "Primary", "source": "
[email protected]", "description": [{"lang": "en", "value": "CWE-312"}]}], "descriptions": [{"lang": "en", "value": "MiR controllers across firmware versions 2.8.1.1 and before do not encrypt or protect in any way the intellectual property artifacts installed in the robots. This flaw allows attackers with access to the robot or the robot network (while in combination with other flaws) to retrieve and easily exfiltrate all installed intellectual property and data."}, {"lang": "es", "value": "Los controladores MiR hasta las versiones de firmware 2.8.1.1 y anteriores, no cifran ni protegen de ninguna manera los artefactos de propiedad intelectual instalados en los robots. Este fallo permite a atacantes con acceso al robot o a la red del robot (en combinaci\u00f3n con otros fallos) recuperar y exfiltrar f\u00e1cilmente toda la propiedad intelectual y los datos instalados"}], "lastModified": "2024-11-21T04:55:06.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:aliasrobotics:mir100_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BBDEDA2D-26AB-4F23-B672-D0C89A7BEFB9", "versionEndIncluding": "2.8.1.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:aliasrobotics:mir100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D0989373-02AB-4E05-BAC2-0522A641D73A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:aliasrobotics:mir200_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78E261B1-C56F-4428-9D53-5BBCCACEAFCF", "versionEndIncluding": "2.8.1.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:aliasrobotics:mir200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7BF40B1F-0DD2-4B8A-BFBA-A7E641DC3316"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:aliasrobotics:mir250_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "877EEDC4-E86F-420D-81C6-3F632C787003", "versionEndIncluding": "2.8.1.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:aliasrobotics:mir250:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BD1AE2A0-D83D-441B-856B-7E6FAB065C0D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:aliasrobotics:mir500_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "335CA5FE-5AFD-4D49-9A88-1CD71C9281BE", "versionEndIncluding": "2.8.1.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:aliasrobotics:mir500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F57611E0-5CB2-40FD-8420-ED13A1C4863F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:aliasrobotics:mir1000_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6865A559-8CA9-4F51-AC43-35BDF5201B91", "versionEndIncluding": "2.8.1.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:aliasrobotics:mir1000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "04043B16-E401-4D2C-9812-71923CEA2716"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mobile-industrial-robotics:er200_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39BD42AA-95E1-4A02-BB9D-C54AE6BAF9B2", "versionEndIncluding": "2.8.1.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mobile-industrial-robotics:er200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D8A47E5E-7754-47EA-B02D-8A7F54124ED4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:enabled-robotics:er-lite_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF0E5CFB-6C15-4BB1-97D8-DD52F68190DD", "versionEndIncluding": "2.8.1.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:enabled-robotics:er-lite:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "472A560B-547D-4C9F-BE86-ED602FA32799"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:enabled-robotics:er-flex_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D5528AFD-75DF-4296-9A29-4BD00AB76273", "versionEndIncluding": "2.8.1.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:enabled-robotics:er-flex:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "654488E4-161E-40B5-9E0B-BE68F5F38E91"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:enabled-robotics:er-one_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD6E62F4-9C15-49AA-BFB7-81443D40B9B9", "versionEndIncluding": "2.8.1.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:enabled-robotics:er-one:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1BB77317-78C0-4800-8E1D-498979B6CB06"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:uvd-robots:uvd_robots_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7452D74-36A5-4C87-AA20-8E9A80724EAA", "versionEndIncluding": "2.8.1.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:uvd-robots:uvd_robots:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4FD4ACEB-1184-47AB-86E4-732DA183E8AE"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "
[email protected]"}
