Vulnerabilities > Ufactory > Xarm 5 Lite Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-15 | CVE-2020-10286 | Improper Privilege Management vulnerability in Ufactory products the main user account has restricted privileges but is in the sudoers group and there is not any mechanism in place to prevent sudo su or sudo -i to be run gaining unrestricted access to sensible files, encryption, or issue orders that disrupt robot operation. | 5.8 |
| 2020-07-15 | CVE-2020-10285 | Insufficient Entropy vulnerability in Ufactory Xarm 5 Lite Firmware 1.5.0 The authentication implementation on the xArm controller has very low entropy, making it vulnerable to a brute-force attack. | 7.5 |