CVE-2020-10273 — Vulnetix

Try Vulnetix Request Demo

CVE-2020-10273 PUBLISHED CVSS 7.5 HIGH

MiR controllers across firmware versions 2.8.1.1 and before do not encrypt or protect in any way the intellectual property artifacts installed in the robots. This flaw allows attackers with access to the robot or the robot network (while in combination with other flaws) to retrieve and easily exfiltrate all installed intellectual property and data.

EPSS 0.12% · 31.5th percentile

Risk Scores

CVSS v3.0

7.5

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Score

0.12%

31.5th percentile

Affected Products

Vendor	Product	Versions
uvd-robots	uvd_robots_firmware	0
aliasrobotics	mir1000_firmware	0
aliasrobotics	mir250_firmware	0
enabled-robotics	er-one_firmware	0
aliasrobotics	mir500_firmware	0
aliasrobotics	mir200_firmware	0
enabled-robotics	er-lite_firmware	0
enabled-robotics	er-flex_firmware	0
mobile-industrial-robotics	er200_firmware	0
aliasrobotics	mir100_firmware	0
Mobile Industrial Robots A/S	MiR100	v2.8.1.1 and before

Timeline

Jun 24, 2020 CVE Published
Apr 14, 2021 EPSS Score
Jun 22, 2021 EPSS Score
Aug 23, 2021 EPSS Score
Oct 24, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Feb 4, 2022 EPSS Score
Feb 25, 2022 EPSS Score
Apr 1, 2022 EPSS Score
Apr 28, 2022 EPSS Score
Jun 29, 2022 EPSS Score
Aug 31, 2022 EPSS Score

References

Open in Interactive Console →