#VU13799 Authentication bypass in SW and CB - CVE-2018-10635
Published: July 11, 2018
Vulnerability identifier: #VU13799
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2018-10635
CWE-ID: CWE-306
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
SW
CB
SW
CB
Software vendor:
Universal Robots
Universal Robots
Description
The vulnerability allows a remote attacker to bypass authentication on the target system.
The vulnerability exists due to ports 30001/TCP to 30003/TCP listen for arbitrary URScript code. A remote unauthenticated attacker who has access to the ports can bypass authentication and execute arbitrary code that may allow root access to be obtained.
Remediation
Universal Robots recommends the follow remedial actions:
- Only allow trusted users physical access to the robot control box and teach pendant.
- Do not connect the robot to a network unless it is required by the application.
- Do not connect the robot directly to the internet. Use a secure network with proper firewall configuration (Ports 30001/TCP to 30003/TCP must be restricted).
- Make the private subnet where the robot network interface is exposed as small as possible.