Vulnerabilities > UVD Robots > UVD Firmware > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-24 | CVE-2020-10275 | Inadequate Encryption Strength vulnerability in multiple products The access tokens for the REST API are directly derived from the publicly available default credentials for the web interface. | 9.8 |
| 2020-06-24 | CVE-2020-10276 | Use of Hard-coded Credentials vulnerability in multiple products The password for the safety PLC is the default and thus easy to find (in manuals, etc.). | 9.8 |