Search
Find a vulnerability
Search criteria
5 vulnerabilities found for er-flex by easyrobotics
VAR-202006-0266
Vulnerability from variot - Updated: 2025-01-30 22:22Out of the wired and wireless interfaces within MiR100, MiR200 and other vehicles from the MiR fleet, it's possible to access the Control Dashboard on a hardcoded IP address. Credentials to such wireless interface default to well known and widely spread users (omitted) and passwords (omitted). This information is also available in past User Guides and manuals which the vendor distributed. This flaw allows cyber attackers to take control of the robot remotely and make use of the default user interfaces MiR has created, lowering the complexity of attacks and making them available to entry-level attackers. More elaborated attacks can also be established by clearing authentication and sending network requests directly. We have confirmed this flaw in MiR100 and MiR200 but according to the vendor, it might also apply to MiR250, MiR500 and MiR1000. plural MiR The product contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-0266",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mir250",
"scope": "lte",
"trust": 1.0,
"vendor": "aliasrobotics",
"version": "2.8.1.1"
},
{
"model": "er-flex",
"scope": "lte",
"trust": 1.0,
"vendor": "enabled robotics",
"version": "2.8.1.1"
},
{
"model": "mir500",
"scope": "lte",
"trust": 1.0,
"vendor": "aliasrobotics",
"version": "2.8.1.1"
},
{
"model": "mir100",
"scope": "lte",
"trust": 1.0,
"vendor": "aliasrobotics",
"version": "2.8.1.1"
},
{
"model": "er-lite",
"scope": "lte",
"trust": 1.0,
"vendor": "enabled robotics",
"version": "2.8.1.1"
},
{
"model": "mir200",
"scope": "lte",
"trust": 1.0,
"vendor": "aliasrobotics",
"version": "2.8.1.1"
},
{
"model": "mir1000",
"scope": "lte",
"trust": 1.0,
"vendor": "aliasrobotics",
"version": "2.8.1.1"
},
{
"model": "er-one",
"scope": "lte",
"trust": 1.0,
"vendor": "enabled robotics",
"version": "2.8.1.1"
},
{
"model": "er200",
"scope": "lte",
"trust": 1.0,
"vendor": "mobile industrial robotics",
"version": "2.8.1.1"
},
{
"model": "uvd robots",
"scope": "lte",
"trust": 1.0,
"vendor": "uvd robots",
"version": "2.8.1.1"
},
{
"model": "er-flex",
"scope": null,
"trust": 0.8,
"vendor": "easyrobotics",
"version": null
},
{
"model": "er-lite",
"scope": null,
"trust": 0.8,
"vendor": "easyrobotics",
"version": null
},
{
"model": "er-one",
"scope": null,
"trust": 0.8,
"vendor": "easyrobotics",
"version": null
},
{
"model": "er200",
"scope": null,
"trust": 0.8,
"vendor": "easyrobotics",
"version": null
},
{
"model": "mir100",
"scope": null,
"trust": 0.8,
"vendor": "mobile industrial robots a s",
"version": null
},
{
"model": "mir1000",
"scope": null,
"trust": 0.8,
"vendor": "mobile industrial robots a s",
"version": null
},
{
"model": "mir200",
"scope": null,
"trust": 0.8,
"vendor": "mobile industrial robots a s",
"version": null
},
{
"model": "mir250",
"scope": null,
"trust": 0.8,
"vendor": "mobile industrial robots a s",
"version": null
},
{
"model": "mir500",
"scope": null,
"trust": 0.8,
"vendor": "mobile industrial robots a s",
"version": null
},
{
"model": "uvd",
"scope": null,
"trust": 0.8,
"vendor": "uvd robots",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007377"
},
{
"db": "NVD",
"id": "CVE-2020-10270"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:easyrobotics:er-flex_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:easyrobotics:er-lite_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:easyrobotics:er-one_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:easyrobotics:er200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mobile-industrial-robots:mir100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mobile-industrial-robots:mir1000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mobile-industrial-robots:mir200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mobile-industrial-robots:mir250_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mobile-industrial-robots:mir500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:uvd-robots:uvd_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007377"
}
]
},
"cve": "CVE-2020-10270",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2020-10270",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-007377",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-10270",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cve@aliasrobotics.com",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-10270",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-007377",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-10270",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "cve@aliasrobotics.com",
"id": "CVE-2020-10270",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2020-007377",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-1665",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007377"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1665"
},
{
"db": "NVD",
"id": "CVE-2020-10270"
},
{
"db": "NVD",
"id": "CVE-2020-10270"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Out of the wired and wireless interfaces within MiR100, MiR200 and other vehicles from the MiR fleet, it\u0027s possible to access the Control Dashboard on a hardcoded IP address. Credentials to such wireless interface default to well known and widely spread users (omitted) and passwords (omitted). This information is also available in past User Guides and manuals which the vendor distributed. This flaw allows cyber attackers to take control of the robot remotely and make use of the default user interfaces MiR has created, lowering the complexity of attacks and making them available to entry-level attackers. More elaborated attacks can also be established by clearing authentication and sending network requests directly. We have confirmed this flaw in MiR100 and MiR200 but according to the vendor, it might also apply to MiR250, MiR500 and MiR1000. plural MiR The product contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-10270"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007377"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-10270",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007377",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1665",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007377"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1665"
},
{
"db": "NVD",
"id": "CVE-2020-10270"
}
]
},
"id": "VAR-202006-0266",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
}
],
"trust": 0.01
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"industrial device"
],
"sub_category": "robot",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T22:22:35.714000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.easyrobotics.biz/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.mobile-industrial-robots.com/en/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.uvd-robots.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007377"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007377"
},
{
"db": "NVD",
"id": "CVE-2020-10270"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://github.com/aliasrobotics/rvd/issues/2557"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10270"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10270"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007377"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1665"
},
{
"db": "NVD",
"id": "CVE-2020-10270"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007377"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1665"
},
{
"db": "NVD",
"id": "CVE-2020-10270"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-007377"
},
{
"date": "2020-06-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1665"
},
{
"date": "2020-06-24T05:15:12.753000",
"db": "NVD",
"id": "CVE-2020-10270"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-007377"
},
{
"date": "2022-03-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1665"
},
{
"date": "2024-11-21T04:55:06.397000",
"db": "NVD",
"id": "CVE-2020-10270"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1665"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural MiR Vulnerabilities in the use of hard-coded credentials in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007377"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1665"
}
],
"trust": 0.6
}
}
VAR-202006-0272
Vulnerability from variot - Updated: 2025-01-30 21:54The password for the safety PLC is the default and thus easy to find (in manuals, etc.). This allows a manipulated program to be uploaded to the safety PLC, effectively disabling the emergency stop in case an object is too close to the robot. Navigation and any other components dependent on the laser scanner are not affected (thus it is hard to detect before something happens) though the laser scanner configuration can also be affected altering further the safety of the device. Several products contain vulnerabilities in the use of hard-coded credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-0272",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "uvd",
"scope": "eq",
"trust": 1.0,
"vendor": "uvd robots",
"version": null
},
{
"model": "er-flex",
"scope": "eq",
"trust": 1.0,
"vendor": "easyrobotics",
"version": null
},
{
"model": "mir250",
"scope": "eq",
"trust": 1.0,
"vendor": "mobile industrial robots",
"version": null
},
{
"model": "er200",
"scope": "eq",
"trust": 1.0,
"vendor": "easyrobotics",
"version": null
},
{
"model": "mir500",
"scope": "eq",
"trust": 1.0,
"vendor": "mobile industrial robots",
"version": null
},
{
"model": "mir200",
"scope": "eq",
"trust": 1.0,
"vendor": "mobile industrial robots",
"version": null
},
{
"model": "er-one",
"scope": "eq",
"trust": 1.0,
"vendor": "easyrobotics",
"version": null
},
{
"model": "mir100",
"scope": "lte",
"trust": 1.0,
"vendor": "mobile industrial robots",
"version": "2.8.1.1"
},
{
"model": "mir1000",
"scope": "eq",
"trust": 1.0,
"vendor": "mobile industrial robots",
"version": null
},
{
"model": "er-lite",
"scope": "eq",
"trust": 1.0,
"vendor": "easyrobotics",
"version": null
},
{
"model": "er-flex",
"scope": null,
"trust": 0.8,
"vendor": "easyrobotics",
"version": null
},
{
"model": "er-lite",
"scope": null,
"trust": 0.8,
"vendor": "easyrobotics",
"version": null
},
{
"model": "er-one",
"scope": null,
"trust": 0.8,
"vendor": "easyrobotics",
"version": null
},
{
"model": "er200",
"scope": null,
"trust": 0.8,
"vendor": "easyrobotics",
"version": null
},
{
"model": "mir100",
"scope": null,
"trust": 0.8,
"vendor": "mobile industrial robots a s",
"version": null
},
{
"model": "mir1000",
"scope": null,
"trust": 0.8,
"vendor": "mobile industrial robots a s",
"version": null
},
{
"model": "mir200",
"scope": null,
"trust": 0.8,
"vendor": "mobile industrial robots a s",
"version": null
},
{
"model": "mir250",
"scope": null,
"trust": 0.8,
"vendor": "mobile industrial robots a s",
"version": null
},
{
"model": "mir500",
"scope": null,
"trust": 0.8,
"vendor": "mobile industrial robots a s",
"version": null
},
{
"model": "uvd",
"scope": null,
"trust": 0.8,
"vendor": "uvd robots",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007371"
},
{
"db": "NVD",
"id": "CVE-2020-10276"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:easyrobotics:er-flex_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:easyrobotics:er-lite_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:easyrobotics:er-one_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:easyrobotics:er200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mobile-industrial-robots:mir100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mobile-industrial-robots:mir1000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mobile-industrial-robots:mir200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mobile-industrial-robots:mir250_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mobile-industrial-robots:mir500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:uvd-robots:uvd_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007371"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Victor Mayoral Vilches of Alias Robotics reported these vulnerabilities to CISA.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1666"
}
],
"trust": 0.6
},
"cve": "CVE-2020-10276",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2020-10276",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-007371",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-10276",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cve@aliasrobotics.com",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-10276",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-007371",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-10276",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "cve@aliasrobotics.com",
"id": "CVE-2020-10276",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2020-007371",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-1666",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007371"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1666"
},
{
"db": "NVD",
"id": "CVE-2020-10276"
},
{
"db": "NVD",
"id": "CVE-2020-10276"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The password for the safety PLC is the default and thus easy to find (in manuals, etc.). This allows a manipulated program to be uploaded to the safety PLC, effectively disabling the emergency stop in case an object is too close to the robot. Navigation and any other components dependent on the laser scanner are not affected (thus it is hard to detect before something happens) though the laser scanner configuration can also be affected altering further the safety of the device. Several products contain vulnerabilities in the use of hard-coded credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-10276"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007371"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-10276",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007371",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2021.3344",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021101107",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-21-280-02",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1666",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007371"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1666"
},
{
"db": "NVD",
"id": "CVE-2020-10276"
}
]
},
"id": "VAR-202006-0272",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
}
],
"trust": 0.01
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"industrial device"
],
"sub_category": "robot",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T21:54:04.470000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.easyrobotics.biz/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.mobile-industrial-robots.com/en/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.uvd-robots.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007371"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007371"
},
{
"db": "NVD",
"id": "CVE-2020-10276"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://github.com/aliasrobotics/rvd/issues/2558"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10276"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10276"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021101107"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-280-02"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.3344"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007371"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1666"
},
{
"db": "NVD",
"id": "CVE-2020-10276"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007371"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1666"
},
{
"db": "NVD",
"id": "CVE-2020-10276"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-007371"
},
{
"date": "2020-06-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1666"
},
{
"date": "2020-06-24T05:15:13.270000",
"db": "NVD",
"id": "CVE-2020-10276"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-007371"
},
{
"date": "2022-03-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1666"
},
{
"date": "2024-11-21T04:55:07.250000",
"db": "NVD",
"id": "CVE-2020-10276"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1666"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vulnerability in using hard-coded credentials in multiple products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007371"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1666"
}
],
"trust": 0.6
}
}
VAR-202006-0268
Vulnerability from variot - Updated: 2025-01-30 21:44MiR100, MiR200 and other MiR robots use the Robot Operating System (ROS) default packages exposing the computational graph without any sort of authentication. This allows attackers with access to the internal wireless and wired networks to take control of the robot seamlessly. In combination with CVE-2020-10269 and CVE-2020-10271, this flaw allows malicious actors to command the robot at desire. plural MiR The product contains vulnerabilities related to lack of authentication for critical features.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-0268",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mir250",
"scope": "lte",
"trust": 1.0,
"vendor": "aliasrobotics",
"version": "2.8.1.1"
},
{
"model": "er-flex",
"scope": "lte",
"trust": 1.0,
"vendor": "enabled robotics",
"version": "2.8.1.1"
},
{
"model": "mir500",
"scope": "lte",
"trust": 1.0,
"vendor": "aliasrobotics",
"version": "2.8.1.1"
},
{
"model": "mir100",
"scope": "lte",
"trust": 1.0,
"vendor": "aliasrobotics",
"version": "2.8.1.1"
},
{
"model": "er-lite",
"scope": "lte",
"trust": 1.0,
"vendor": "enabled robotics",
"version": "2.8.1.1"
},
{
"model": "mir200",
"scope": "lte",
"trust": 1.0,
"vendor": "aliasrobotics",
"version": "2.8.1.1"
},
{
"model": "mir1000",
"scope": "lte",
"trust": 1.0,
"vendor": "aliasrobotics",
"version": "2.8.1.1"
},
{
"model": "er-one",
"scope": "lte",
"trust": 1.0,
"vendor": "enabled robotics",
"version": "2.8.1.1"
},
{
"model": "er200",
"scope": "lte",
"trust": 1.0,
"vendor": "mobile industrial robotics",
"version": "2.8.1.1"
},
{
"model": "uvd robots",
"scope": "lte",
"trust": 1.0,
"vendor": "uvd robots",
"version": "2.8.1.1"
},
{
"model": "er-flex",
"scope": null,
"trust": 0.8,
"vendor": "easyrobotics",
"version": null
},
{
"model": "er-lite",
"scope": null,
"trust": 0.8,
"vendor": "easyrobotics",
"version": null
},
{
"model": "er-one",
"scope": null,
"trust": 0.8,
"vendor": "easyrobotics",
"version": null
},
{
"model": "er200",
"scope": null,
"trust": 0.8,
"vendor": "easyrobotics",
"version": null
},
{
"model": "mir100",
"scope": null,
"trust": 0.8,
"vendor": "mobile industrial robots a s",
"version": null
},
{
"model": "mir1000",
"scope": null,
"trust": 0.8,
"vendor": "mobile industrial robots a s",
"version": null
},
{
"model": "mir200",
"scope": null,
"trust": 0.8,
"vendor": "mobile industrial robots a s",
"version": null
},
{
"model": "mir250",
"scope": null,
"trust": 0.8,
"vendor": "mobile industrial robots a s",
"version": null
},
{
"model": "mir500",
"scope": null,
"trust": 0.8,
"vendor": "mobile industrial robots a s",
"version": null
},
{
"model": "uvd",
"scope": null,
"trust": 0.8,
"vendor": "uvd robots",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007374"
},
{
"db": "NVD",
"id": "CVE-2020-10272"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:easyrobotics:er-flex_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:easyrobotics:er-lite_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:easyrobotics:er-one_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:easyrobotics:er200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mobile-industrial-robots:mir100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mobile-industrial-robots:mir1000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mobile-industrial-robots:mir200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mobile-industrial-robots:mir250_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mobile-industrial-robots:mir500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:uvd-robots:uvd_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007374"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Victor Mayoral Vilches of Alias Robotics reported these vulnerabilities to CISA.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1663"
}
],
"trust": 0.6
},
"cve": "CVE-2020-10272",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-10272",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2020-007374",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-10272",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cve@aliasrobotics.com",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-10272",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-007374",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-10272",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "cve@aliasrobotics.com",
"id": "CVE-2020-10272",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2020-007374",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-1663",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007374"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1663"
},
{
"db": "NVD",
"id": "CVE-2020-10272"
},
{
"db": "NVD",
"id": "CVE-2020-10272"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MiR100, MiR200 and other MiR robots use the Robot Operating System (ROS) default packages exposing the computational graph without any sort of authentication. This allows attackers with access to the internal wireless and wired networks to take control of the robot seamlessly. In combination with CVE-2020-10269 and CVE-2020-10271, this flaw allows malicious actors to command the robot at desire. plural MiR The product contains vulnerabilities related to lack of authentication for critical features.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-10272"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007374"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-10272",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007374",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2021.3344",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021101107",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-21-280-02",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1663",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007374"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1663"
},
{
"db": "NVD",
"id": "CVE-2020-10272"
}
]
},
"id": "VAR-202006-0268",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
}
],
"trust": 0.01
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"industrial device"
],
"sub_category": "robot",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T21:44:48.070000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.easyrobotics.biz/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.mobile-industrial-robots.com/en/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.uvd-robots.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007374"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-306",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007374"
},
{
"db": "NVD",
"id": "CVE-2020-10272"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://github.com/aliasrobotics/rvd/issues/2554"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10272"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10272"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021101107"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-280-02"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.3344"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007374"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1663"
},
{
"db": "NVD",
"id": "CVE-2020-10272"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007374"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1663"
},
{
"db": "NVD",
"id": "CVE-2020-10272"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-007374"
},
{
"date": "2020-06-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1663"
},
{
"date": "2020-06-24T05:15:12.943000",
"db": "NVD",
"id": "CVE-2020-10272"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-007374"
},
{
"date": "2022-03-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1663"
},
{
"date": "2024-11-21T04:55:06.683000",
"db": "NVD",
"id": "CVE-2020-10272"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1663"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural MiR Vulnerability regarding lack of authentication for critical features in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007374"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1663"
}
],
"trust": 0.6
}
}
VAR-202006-0259
Vulnerability from variot - Updated: 2025-01-30 21:13MiR robot controllers (central computation unit) makes use of Ubuntu 16.04.2 an operating system, Thought for desktop uses, this operating system presents insecure defaults for robots. These insecurities include a way for users to escalate their access beyond what they were granted via file creation, access race conditions, insecure home directory configurations and defaults that facilitate Denial of Service (DoS) attacks. MiR robot The controller contains a vulnerability regarding improper default permissions.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-0259",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mir250",
"scope": "lte",
"trust": 1.0,
"vendor": "aliasrobotics",
"version": "2.8.1.1"
},
{
"model": "er-flex",
"scope": "lte",
"trust": 1.0,
"vendor": "enabled robotics",
"version": "2.8.1.1"
},
{
"model": "mir500",
"scope": "lte",
"trust": 1.0,
"vendor": "aliasrobotics",
"version": "2.8.1.1"
},
{
"model": "mir100",
"scope": "lte",
"trust": 1.0,
"vendor": "aliasrobotics",
"version": "2.8.1.1"
},
{
"model": "er-lite",
"scope": "lte",
"trust": 1.0,
"vendor": "enabled robotics",
"version": "2.8.1.1"
},
{
"model": "mir200",
"scope": "lte",
"trust": 1.0,
"vendor": "aliasrobotics",
"version": "2.8.1.1"
},
{
"model": "mir1000",
"scope": "lte",
"trust": 1.0,
"vendor": "aliasrobotics",
"version": "2.8.1.1"
},
{
"model": "er-one",
"scope": "lte",
"trust": 1.0,
"vendor": "enabled robotics",
"version": "2.8.1.1"
},
{
"model": "er200",
"scope": "lte",
"trust": 1.0,
"vendor": "mobile industrial robotics",
"version": "2.8.1.1"
},
{
"model": "uvd robots",
"scope": "lte",
"trust": 1.0,
"vendor": "uvd robots",
"version": "2.8.1.1"
},
{
"model": "er-flex",
"scope": null,
"trust": 0.8,
"vendor": "easyrobotics",
"version": null
},
{
"model": "er-lite",
"scope": null,
"trust": 0.8,
"vendor": "easyrobotics",
"version": null
},
{
"model": "er-one",
"scope": null,
"trust": 0.8,
"vendor": "easyrobotics",
"version": null
},
{
"model": "er200",
"scope": null,
"trust": 0.8,
"vendor": "easyrobotics",
"version": null
},
{
"model": "mir100",
"scope": null,
"trust": 0.8,
"vendor": "mobile industrial robots a s",
"version": null
},
{
"model": "mir1000",
"scope": null,
"trust": 0.8,
"vendor": "mobile industrial robots a s",
"version": null
},
{
"model": "mir200",
"scope": null,
"trust": 0.8,
"vendor": "mobile industrial robots a s",
"version": null
},
{
"model": "mir250",
"scope": null,
"trust": 0.8,
"vendor": "mobile industrial robots a s",
"version": null
},
{
"model": "mir500",
"scope": null,
"trust": 0.8,
"vendor": "mobile industrial robots a s",
"version": null
},
{
"model": "uvd",
"scope": null,
"trust": 0.8,
"vendor": "uvd robots",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007373"
},
{
"db": "NVD",
"id": "CVE-2020-10279"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:easyrobotics:er-flex_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:easyrobotics:er-lite_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:easyrobotics:er-one_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:easyrobotics:er200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mobile-industrial-robots:mir100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mobile-industrial-robots:mir1000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mobile-industrial-robots:mir200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mobile-industrial-robots:mir250_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mobile-industrial-robots:mir500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:uvd-robots:uvd_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007373"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Victor Mayoral Vilches of Alias Robotics reported these vulnerabilities to CISA.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1675"
}
],
"trust": 0.6
},
"cve": "CVE-2020-10279",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2020-10279",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-007373",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-10279",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cve@aliasrobotics.com",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-10279",
"impactScore": 6.0,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-007373",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-10279",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "cve@aliasrobotics.com",
"id": "CVE-2020-10279",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2020-007373",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-1675",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007373"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1675"
},
{
"db": "NVD",
"id": "CVE-2020-10279"
},
{
"db": "NVD",
"id": "CVE-2020-10279"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MiR robot controllers (central computation unit) makes use of Ubuntu 16.04.2 an operating system, Thought for desktop uses, this operating system presents insecure defaults for robots. These insecurities include a way for users to escalate their access beyond what they were granted via file creation, access race conditions, insecure home directory configurations and defaults that facilitate Denial of Service (DoS) attacks. MiR robot The controller contains a vulnerability regarding improper default permissions.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-10279"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007373"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-10279",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007373",
"trust": 0.8
},
{
"db": "CS-HELP",
"id": "SB2021101107",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.3344",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-21-280-02",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1675",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007373"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1675"
},
{
"db": "NVD",
"id": "CVE-2020-10279"
}
]
},
"id": "VAR-202006-0259",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
}
],
"trust": 0.01
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"industrial device"
],
"sub_category": "robot",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T21:13:43.732000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.easyrobotics.biz/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.mobile-industrial-robots.com/en/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.uvd-robots.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007373"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-276",
"trust": 1.8
},
{
"problemtype": "CWE-362",
"trust": 1.0
},
{
"problemtype": "CWE-1188",
"trust": 1.0
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007373"
},
{
"db": "NVD",
"id": "CVE-2020-10279"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://github.com/aliasrobotics/rvd/issues/2569"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10279"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10279"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021101107"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-280-02"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.3344"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007373"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1675"
},
{
"db": "NVD",
"id": "CVE-2020-10279"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007373"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1675"
},
{
"db": "NVD",
"id": "CVE-2020-10279"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-007373"
},
{
"date": "2020-06-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1675"
},
{
"date": "2020-06-24T06:15:11.543000",
"db": "NVD",
"id": "CVE-2020-10279"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-007373"
},
{
"date": "2022-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1675"
},
{
"date": "2024-11-21T04:55:07.650000",
"db": "NVD",
"id": "CVE-2020-10279"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1675"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MiR robot Vulnerability in improper default permissions on controller",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007373"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1675"
}
],
"trust": 0.6
}
}
VAR-202006-0270
Vulnerability from variot - Updated: 2025-01-30 20:59The access tokens for the REST API are directly derived (sha256 and base64 encoding) from the publicly available default credentials from the Control Dashboard (refer to CVE-2020-10270 for related flaws). This flaw in combination with CVE-2020-10273 allows any attacker connected to the robot networks (wired or wireless) to exfiltrate all stored data (e.g. indoor mapping images) and associated metadata from the robot's database. Information leakage vulnerabilities exist in multiple products.Information may be obtained and tampered with
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-0270",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "uvd",
"scope": "eq",
"trust": 1.0,
"vendor": "uvd robots",
"version": null
},
{
"model": "er-flex",
"scope": "eq",
"trust": 1.0,
"vendor": "easyrobotics",
"version": null
},
{
"model": "mir250",
"scope": "eq",
"trust": 1.0,
"vendor": "mobile industrial robots",
"version": null
},
{
"model": "er200",
"scope": "eq",
"trust": 1.0,
"vendor": "easyrobotics",
"version": null
},
{
"model": "mir500",
"scope": "eq",
"trust": 1.0,
"vendor": "mobile industrial robots",
"version": null
},
{
"model": "mir200",
"scope": "eq",
"trust": 1.0,
"vendor": "mobile industrial robots",
"version": null
},
{
"model": "er-one",
"scope": "eq",
"trust": 1.0,
"vendor": "easyrobotics",
"version": null
},
{
"model": "mir100",
"scope": "lte",
"trust": 1.0,
"vendor": "mobile industrial robots",
"version": "2.8.1.1"
},
{
"model": "mir1000",
"scope": "eq",
"trust": 1.0,
"vendor": "mobile industrial robots",
"version": null
},
{
"model": "er-lite",
"scope": "eq",
"trust": 1.0,
"vendor": "easyrobotics",
"version": null
},
{
"model": "er-flex",
"scope": null,
"trust": 0.8,
"vendor": "easyrobotics",
"version": null
},
{
"model": "er-lite",
"scope": null,
"trust": 0.8,
"vendor": "easyrobotics",
"version": null
},
{
"model": "er-one",
"scope": null,
"trust": 0.8,
"vendor": "easyrobotics",
"version": null
},
{
"model": "er200",
"scope": null,
"trust": 0.8,
"vendor": "easyrobotics",
"version": null
},
{
"model": "mir100",
"scope": null,
"trust": 0.8,
"vendor": "mobile industrial robots a s",
"version": null
},
{
"model": "mir1000",
"scope": null,
"trust": 0.8,
"vendor": "mobile industrial robots a s",
"version": null
},
{
"model": "mir200",
"scope": null,
"trust": 0.8,
"vendor": "mobile industrial robots a s",
"version": null
},
{
"model": "mir250",
"scope": null,
"trust": 0.8,
"vendor": "mobile industrial robots a s",
"version": null
},
{
"model": "mir500",
"scope": null,
"trust": 0.8,
"vendor": "mobile industrial robots a s",
"version": null
},
{
"model": "uvd",
"scope": null,
"trust": 0.8,
"vendor": "uvd robots",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007376"
},
{
"db": "NVD",
"id": "CVE-2020-10274"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:easyrobotics:er-flex_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:easyrobotics:er-lite_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:easyrobotics:er-one_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:easyrobotics:er200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mobile-industrial-robots:mir100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mobile-industrial-robots:mir1000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mobile-industrial-robots:mir200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mobile-industrial-robots:mir250_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mobile-industrial-robots:mir500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:uvd-robots:uvd_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007376"
}
]
},
"cve": "CVE-2020-10274",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2020-10274",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-007376",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-10274",
"impactScore": 4.2,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cve@aliasrobotics.com",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-10274",
"impactScore": 4.2,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.1,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-007376",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-10274",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@aliasrobotics.com",
"id": "CVE-2020-10274",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2020-007376",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-1668",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007376"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1668"
},
{
"db": "NVD",
"id": "CVE-2020-10274"
},
{
"db": "NVD",
"id": "CVE-2020-10274"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The access tokens for the REST API are directly derived (sha256 and base64 encoding) from the publicly available default credentials from the Control Dashboard (refer to CVE-2020-10270 for related flaws). This flaw in combination with CVE-2020-10273 allows any attacker connected to the robot networks (wired or wireless) to exfiltrate all stored data (e.g. indoor mapping images) and associated metadata from the robot\u0027s database. Information leakage vulnerabilities exist in multiple products.Information may be obtained and tampered with",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-10274"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007376"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-10274",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007376",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1668",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007376"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1668"
},
{
"db": "NVD",
"id": "CVE-2020-10274"
}
]
},
"id": "VAR-202006-0270",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
}
],
"trust": 0.01
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"industrial device"
],
"sub_category": "robot",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T20:59:50.870000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.easyrobotics.biz/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.mobile-industrial-robots.com/en/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.uvd-robots.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007376"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
},
{
"problemtype": "CWE-330",
"trust": 1.0
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007376"
},
{
"db": "NVD",
"id": "CVE-2020-10274"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://github.com/aliasrobotics/rvd/issues/2556"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10274"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10274"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007376"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1668"
},
{
"db": "NVD",
"id": "CVE-2020-10274"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007376"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1668"
},
{
"db": "NVD",
"id": "CVE-2020-10274"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-007376"
},
{
"date": "2020-06-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1668"
},
{
"date": "2020-06-24T05:15:13.113000",
"db": "NVD",
"id": "CVE-2020-10274"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-007376"
},
{
"date": "2021-09-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1668"
},
{
"date": "2024-11-21T04:55:06.977000",
"db": "NVD",
"id": "CVE-2020-10274"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1668"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Information leak vulnerabilities in multiple products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007376"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "security feature problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1668"
}
],
"trust": 0.6
}
}