Monthly reports on robot cybersecurity vulnerabilities - May and June 2020
A total of 23 robot cybersecurity vulnerabilities (most shipping with new CVE IDs) were reported from May to June 2020 according to the Robot Vulnerability Database (RVD). The reported vulnerabilities affect several manufacturers; however, a special mention should be made of Mobile Industrial Robots, which has been reported to ship insecure products with more than 10 cybersecurity vulnerabilities, several of them of high criticality and affecting several downstream robots. The manufacturers most affected by the reports include:
- Mobile Industrial Robots
- UVD Robots (manufacturer and vendor of robots for autonomous disinfection during COVID-19)
- EnabledRobotics
- EasyRobotics
- Robotplus
For previous entries, refer to the following list:
Vulnerabilities
ID | Type | Manufacturer/s | Title |
---|---|---|---|
RVD#3320 | vulnerability | Mitsubishi | RVD#3320: XML External Entity (XXE) attacks via unspecified vectors on Mitsubishi products |
RVD#3319 | vulnerability | Mitsubishi | RVD#3319: Uncontrolled resource consumption vulnerability in Mitsubishi products allows denial of service (DoS) attacks |
RVD#3318 | vulnerability | ABB | RVD#3318: XSS-like attacks for authenticated users in ABB System 800xA Information Manager |
RVD#3317 | vulnerability | PX4 | RVD#3317: MAVLink version handshaking allows for an attacker to bypass authentication |
RVD#3316 | vulnerability | PX4 | RVD#3316: No authentication in MAVLink protocol |
RVD#3315 | vulnerability | PX4 | RVD#3315: Cleartext transmission of sensitive information in MAVLink protocol version 1.0 and 2.0 |
RVD#2573 | vulnerability | DBPOWER | RVD#2573: The DBPOWER U818A WIFI quadcopter drone provides FTP access over |
RVD#2569 | vulnerability | Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots, Robotplus | RVD#2569: Insecure operating system defaults in MiR robots |
RVD#2568 | vulnerability | Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots, Robotplus | RVD#2568: Apache server is vulnerable to a DoS |
RVD#2566 | vulnerability | Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots, Robotplus | RVD#2566: Hardcoded Credentials on MiRX00 wireless Access Point |
RVD#2565 | vulnerability | Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots, Robotplus | RVD#2565: Weak token generation for the REST API. |
RVD#2564 | vulnerability | Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots, Robotplus | RVD#2564: The xfrm_replay_verify_len function does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a DoS |
RVD#2563 | vulnerability | Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots, Robotplus | RVD#2563: The perf_cpu_time_max_percent_handler function in the Linux kernel allows local users to cause a denial of service. |
RVD#2562 | vulnerability | Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots, Robotplus | RVD#2562: Booting from a live image leads to exfiltration of sensible information and privilege escalation |
RVD#2561 | vulnerability | Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots, Robotplus | RVD#2561: Unprotected BIOS allows user to boot from live OS image. |
RVD#2560 | vulnerability | Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots, Robotplus | RVD#2560: Unprotected intellectual property in Mobile Industrial Robots (MiR) controllers |
RVD#2559 | vulnerability | Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots, Robotplus | RVD#2559: net/netfilter/xt_osf.c does not require the CAP_NET_ADMIN for add_callback or remove_callback operations, allows local users to bypass intended access restrictions |
RVD#2558 | vulnerability | Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots, Robotplus | RVD#2558: Default credentials on SICK PLC allows disabling safety features |
RVD#2557 | vulnerability | Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots, Robotplus | RVD#2557: Hardcoded Credentials on MiRX00 Control Dashboard |
RVD#2556 | vulnerability | Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots, Robotplus | RVD#2556: MiR REST API allows for data exfiltration by unauthorized attackers (e.g. indoor maps) |
RVD#2555 | vulnerability | Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots, Robotplus | RVD#2555: MiR ROS computational graph is exposed to all network interfaces, including poorly secured wireless networks and open wired ones |
RVD#2554 | vulnerability | Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots, Robotplus | RVD#2554: MiR ROS computational graph presents no authentication mechanisms |
RVD#1877 | vulnerability | Softbank Robotics | RVD#1877: Hard coded username makes pepper and NAO susceptible to a Brute force attack. |