Vulnerabilities > Universal Robots > UR Software
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-06 | CVE-2020-10267 | Cleartext Storage of Sensitive Information vulnerability in Universal-Robots UR Software Universal Robots control box CB 3.1 across firmware versions (tested on 1.12.1, 1.12, 1.11 and 1.10) does not encrypt or protect in any way the intellectual property artifacts installed from the UR+ platform of hardware and software components (URCaps). | 7.5 |
| 2020-04-06 | CVE-2020-10265 | Missing Authentication for Critical Function vulnerability in Universal-Robots UR Software Universal Robots Robot Controllers Version CB2 SW Version 1.4 upwards, CB3 SW Version 3.0 and upwards, e-series SW Version 5.0 and upwards expose a service called DashBoard server at port 29999 that allows for control over core robot functions like starting/stopping programs, shutdown, reset safety and more. | 9.4 |
| 2020-04-06 | CVE-2020-10264 | Missing Authentication for Critical Function vulnerability in Universal-Robots UR Software CB3 SW Version 3.3 and upwards, e-series SW Version 5.0 and upwards allow authenticated access to the RTDE (Real-Time Data Exchange) interface on port 30004 which allows setting registers, the speed slider fraction as well as digital and analog Outputs. | 8.8 |