VDB
CVE-2020-10276
CVE-2020-10276
PUBLISHED
CVSS 9.800000190734863 CRITICAL
The password for the safety PLC is the default and thus easy to find (in manuals, etc.). This allows a manipulated program to be uploaded to the safety PLC, effectively disabling the emergency stop in case an object is too close to the robot. Navigation and any other components dependent on the laser scanner are not affected (thus it is hard to detect before something happens) though the laser scanner configuration can also be affected altering further the safety of the device.
EPSS 0.36% · 58.6th percentile
Risk Scores
CVSS v3.0
9.800000190734863
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.36%
58.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| mobile-industrial-robots | mir1000_firmware | |
| Mobile Industrial Robots A/S | MiR100 | 2.8.1.1 and before |
| easyrobotics | er-flex_firmware | |
| easyrobotics | er-one_firmware | |
| easyrobotics | er200_firmware | |
| mobile-industrial-robots | mir100_firmware | 0 |
| uvd-robots | uvd_firmware | |
| easyrobotics | er-lite_firmware | |
| mobile-industrial-robots | mir500_firmware | |
| mobile-industrial-robots | mir200_firmware | |
| mobile-industrial-robots | mir250_firmware |
Timeline
- Jun 24, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 22, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 25, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 27, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 2, 2022 EPSS Score
- Sep 4, 2022 EPSS Score