Multiple vulnerabilities in Vecna VGo Robot

Published: 2018-04-25

Risk	Medium
Patch available	YES
Number of vulnerabilities	2
CVE-ID	CVE-2018-8866 CVE-2018-8860
CWE-ID	CWE-78 CWE-319
Exploitation vector	Local network
Public exploit	N/A
Vulnerable software Subscribe	VGo Celia Hardware solutions / Firmware
Vendor	Vecna Technologies

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) OS command injection

EUVDB-ID: #VU12165

Risk: Medium

CVSSv3.1: 8.3 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-8866

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

Description

The vulnerability allows an adjacent attacker to execute arbitrary shell commands on the target system.

The weakness exists due to insufficient validation of user-supplied input. An adjacent attacker can inject and execute arbitrary shell commands.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update to version 3.0.3.53662.

Vulnerable software versions

VGo Celia: 1.4.2 - 3.0.3.52164

External links

http://go.zingbox.com/rs/562-ZPO-907/images/Zingbox%20Whitepaper%20-%20Telepresence%20Robot%20Vulnerabilities.pdf

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Information disclosure

EUVDB-ID: #VU12167

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-8860

CWE-ID: CWE-319 - Cleartext Transmission of Sensitive Information