Vulnerabilities > CVE-2020-10277

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

mobile-industrial-robots

easyrobotics

uvd-robots

NVD

Published: 2020-06-24

Updated: 2021-09-14

Summary

There is no mechanism in place to prevent a bad operator to boot from a live OS image, this can lead to extraction of sensible files (such as the shadow file) or privilege escalation by manually adding a new user with sudo privileges on the machine.

Vulnerable Configurations

Part	Description	Count
OS	Mobile-Industrial-Robots Mobile Industrial Robots Mir100 Firmware * Mobile Industrial Robots Mir200 Firmware - Mobile Industrial Robots Mir250 Firmware - Mobile Industrial Robots Mir500 Firmware - Mobile Industrial Robots Mir1000 Firmware -	5
OS	Easyrobotics Easyrobotics Er200 Firmware - Easyrobotics ER Lite Firmware - Easyrobotics ER Flex Firmware - Easyrobotics ER ONE Firmware -	4
OS	Uvd-Robots UVD Robots UVD Firmware -	1
Hardware	Mobile-Industrial-Robots Mobile Industrial Robots Mir100 - Mobile Industrial Robots Mir200 - Mobile Industrial Robots Mir250 - Mobile Industrial Robots Mir500 - Mobile Industrial Robots Mir1000 -	5
Hardware	Easyrobotics Easyrobotics Er200 - Easyrobotics ER Lite - Easyrobotics ER Flex - Easyrobotics ER ONE -	4
Hardware	Uvd-Robots UVD Robots UVD -	1

References

https://github.com/aliasrobotics/RVD/issues/2562

Vulnerabilities > CVE-2020-10277 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2020-10277"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2020-10277