Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

RVD#2550: Terminate Critical Services in KUKA controller KR C4 #2550

Open
rvd-bot opened this issue Jun 16, 2020 · 0 comments
Open

RVD#2550: Terminate Critical Services in KUKA controller KR C4 #2550

rvd-bot opened this issue Jun 16, 2020 · 0 comments

Comments

@rvd-bot
Copy link
Contributor

rvd-bot commented Jun 16, 2020

{
    "id": 2550,
    "title": "RVD#2550: Terminate Critical Services in KUKA controller KR C4",
    "type": "Vulnerability",
    "description": "Critical services for operation can be terminated from windows task manager, bringing the manipulator to a halt. After this a Re-Calibration of the brakes needs to be performed. Be noted that this only can be accomplished either by a Kuka technician or by Kuka issued calibration hardware that interfaces with the manipulator furthering the delay and increasing operational costs.",
    "cwe": "CWE-749",
    "cve": "CVE-2020-10268",
    "keywords": [
        "Services"
    ],
    "system": "KR3R540, KRC4, KSS8.5.7HF1, Win7_Embedded",
    "vendor": "KUKA Roboter GmbH",
    "severity": {
        "rvss-score": 7.1,
        "rvss-vector": "RVSS:1.0/AV:PR/AC:L/PR:N/UI:N/Y:U/S:U/C:N/I:H/A:H/H:U",
        "severity-description": "high",
        "cvss-score": 6.1,
        "cvss-vector": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H/"
    },
    "links": [
        "https://cwe.mitre.org/data/definitions/749.html",
        "https://github.com/aliasrobotics/RVD/issues/2550"
    ],
    "flaw": {
        "phase": "runtime-operation",
        "specificity": "general issue",
        "architectural-location": "plataform code",
        "application": "Windows",
        "subsystem": "N/A",
        "package": "N/A",
        "languages": "Batch",
        "date-detected": null,
        "detected-by": "Alias Robotics (group, https://aliasrobotics.com)",
        "detected-by-method": "testing dynamic, Task manager.",
        "date-reported": "2020-03-17",
        "reported-by": "Victor Mayoral Vilches (Alias Robotics)",
        "reported-by-relationship": "security researcher",
        "issue": "https://github.com/aliasrobotics/RVD/issues/2550",
        "reproducibility": "Always",
        "trace": "Not disclosed",
        "reproduction": "Not disclosed",
        "reproduction-image": "Not disclosed"
    },
    "exploitation": {
        "description": "Not disclosed",
        "exploitation-image": "Not disclosed",
        "exploitation-vector": "Not disclosed"
    },
    "mitigation": {
        "description": "Not disclosed",
        "pull-request": "Not disclosed",
        "date-mitigation": null
    }
}
@rvd-bot rvd-bot changed the title Terminate Critical Services RVD#2550: Terminate Critical Services Jun 16, 2020
@vmayoral vmayoral added the robot: KUKA KR 3 R540 KUKA AGILUS KR 3 R540 label Jun 16, 2020
@vmayoral vmayoral changed the title RVD#2550: Terminate Critical Services RVD#2550: Terminate Critical Services in KUKA controller KR C4 Jun 16, 2020
@vmayoral vmayoral added the robot component: KUKA KR C4 KUKA KR C4 controller label Jun 16, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants