Vulnerabilities > CVE-2020-10284 - Unspecified vulnerability in Ufactory Xarm Studio 1.3.0

CVSS 6.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

ufactory

NVD

Published: 2020-07-15

Updated: 2020-07-23

Summary

No authentication is required to control the robot inside the network, moreso the latest available user manual shows an option that lets the user to add a password to the robot but as in xarm_studio 1.3.0 the option is missing from the menu. Assuming manual control, even by forcefully removing the current operator from an active session.

Vulnerable Configurations

Part	Description	Count
Application	Ufactory Ufactory Xarm Studio 1.3.0	1

References

https://www.ufactory.cc/#/en/support/download/xarm