VDB
CVE-2020-10277
CVE-2020-10277
PUBLISHED
CVSS 6.400000095367432 MEDIUM
There is no mechanism in place to prevent a bad operator to boot from a live OS image, this can lead to extraction of sensible files (such as the shadow file) or privilege escalation by manually adding a new user with sudo privileges on the machine.
EPSS 0.06% · 18.6th percentile
Risk Scores
CVSS 3.0
6.400000095367432
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
EPSS Score
0.06%
18.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| easyrobotics | er-flex_firmware | |
| easyrobotics | er-lite_firmware | |
| easyrobotics | er-one_firmware | |
| mobile-industrial-robots | mir500_firmware | |
| mobile-industrial-robots | mir100_firmware | 0 |
| mobile-industrial-robots | mir250_firmware | |
| mobile-industrial-robots | mir1000_firmware | |
| easyrobotics | er200_firmware | |
| Mobile Industrial Robots A/S | MiR100 | 2.8.1.1 and before |
| mobile-industrial-robots | mir200_firmware | |
| uvd-robots | uvd_firmware |
Exploit Intelligence
Timeline
- Jun 24, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Nov 6, 2022 EPSS Score