Monthly reports on robot cybersecurity vulnerabilities - May and June 2020

A total of 23 robot cybersecurity vulnerabilities (most shipping with new CVE IDs) were reported from May to June 2020 according to the Robot Vulnerability Database (RVD). Vulnerabilities reported affect different manufacturers however a special mention should be made for Mobile Industrial Robots who has been reported to ship insecure products with more than 10 cyber security vulnerabilities, several of them of high criticality and affecting several downstream robots. Most affected manufacturers by the reports include:

  • Mobile Industrial Robots
  • UVD Robots (manufacturer and vendor of robots for autonomous disinfection during COVID-19)
  • EnabledRobotics
  • EasyRobotics
  • Robotplus

For previous entries, refer to the following list:

Vulnerabilities

ID Type Manufacturer/s Title
RVD#3320 vulnerability Mitsubishi RVD#3320: XML External Entity (XXE) attacks via unspecified vectors on Mitsubishi products
RVD#3319 vulnerability Mitsubishi RVD#3319: Uncontrolled resource consumption vulnerability in Mitsubishi products allows denial of service (DoS) attacks
RVD#3318 vulnerability ABB RVD#3318: XSS-like attacks for authenticated users in ABB System 800xA Information Manager
RVD#3317 vulnerability PX4 RVD#3317: MAVLink version handshaking allows for an attacker to bypass authentication
RVD#3316 vulnerability PX4 RVD#3316: No authentication in MAVLink protocol
RVD#3315 vulnerability PX4 RVD#3315: Cleartext transmission of sensitive information in MAVLink protocol version 1.0 and 2.0
RVD#2573 vulnerability DBPOWER RVD#2573: The DBPOWER U818A WIFI quadcopter drone provides FTP access over
RVD#2569 vulnerability Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots, Robotplus RVD#2569: Insecure operating system defaults in MiR robots
RVD#2568 vulnerability Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots, Robotplus RVD#2568: Apache server is vulnerable to a DoS
RVD#2566 vulnerability Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots, Robotplus RVD#2566: Hardcoded Credentials on MiRX00 wireless Access Point
RVD#2565 vulnerability Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots, Robotplus RVD#2565: Weak token generation for the REST API.
RVD#2564 vulnerability Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots, Robotplus RVD#2564: The xfrm_replay_verify_len function does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a DoS
RVD#2563 vulnerability Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots, Robotplus RVD#2563: The perf_cpu_time_max_percent_handler function in the Linux kernel allows local users to cause a denial of service.
RVD#2562 vulnerability Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots, Robotplus RVD#2562: Booting from a live image leads to exfiltration of sensible information and privilege escalation
RVD#2561 vulnerability Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots, Robotplus RVD#2561: Unprotected BIOS allows user to boot from live OS image.
RVD#2560 vulnerability Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots, Robotplus RVD#2560: Unprotected intellectual property in Mobile Industrial Robots (MiR) controllers
RVD#2559 vulnerability Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots, Robotplus RVD#2559: net/netfilter/xt_osf.c does not require the CAP_NET_ADMIN for add_callback or remove_callback operations, allows local users to bypass intended access restrictions
RVD#2558 vulnerability Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots, Robotplus RVD#2558: Default credentials on SICK PLC allows disabling safety features
RVD#2557 vulnerability Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots, Robotplus RVD#2557: Hardcoded Credentials on MiRX00 Control Dashboard
RVD#2556 vulnerability Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots, Robotplus RVD#2556: MiR REST API allows for data exfiltration by unauthorized attackers (e.g. indoor maps)
RVD#2555 vulnerability Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots, Robotplus RVD#2555: MiR ROS computational graph is exposed to all network interfaces, including poorly secured wireless networks and open wired ones
RVD#2554 vulnerability Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots, Robotplus RVD#2554: MiR ROS computational graph presents no authentication mechanisms
RVD#1877 vulnerability Softbank Robotics RVD#1877: Hard coded username makes pepper and NAO susceptible to a Brute force attack.