CVE-2020-10290

Universal Robots controller execute URCaps (zip files containing Java-powered applications) without any permission restrictions and a wide API that presents many primitives that can compromise the overall robot operations as demonstrated in our video. In our PoC we demonstrate how a malicious actor could 'cook' a custom URCap that when deployed by the user (intendedly or unintendedly) compromises the system
References
Link Resource
https://github.com/aliasrobotics/RVD/issues/1495 Issue Tracking Third Party Advisory
Configurations

Configuration 1

cpe:2.3:o:sintef:urx:-:*:*:*:*:*:*:*

Information

Published : 2020-08-21 03:15

Updated : 2021-09-14 05:20


NVD link : CVE-2020-10290

Mitre link : CVE-2020-10290

Products Affected
No products.
CWE