CVE-2020-10271

24.06.2020, 05:15

MiR100, MiR200 and other MiR robots use the Robot Operating System (ROS) default packages exposing the computational graph to all network interfaces, wireless and wired. This is the result of a bad set up and can be mitigated by appropriately configuring ROS and/or applying custom patches as appropriate. Currently, the ROS computational graph can be accessed fully from the wired exposed ports. In combination with other flaws such as CVE-2020-10269, the computation graph can also be fetched and interacted from wireless networks. This allows a malicious operator to take control of the ROS logic and correspondingly, the complete robot given that MiR's operations are centered around the framework (ROS).

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	9.8 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Alias	CNA	10 CRITICAL	NETWORK	LOW	NONE	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 62%

Vendor	Product	Version
aliasrobotics	mir100_firmware	𝑥 ≤ 2.8.1.1
aliasrobotics	mir200_firmware	𝑥 ≤ 2.8.1.1
aliasrobotics	mir250_firmware	𝑥 ≤ 2.8.1.1
aliasrobotics	mir500_firmware	𝑥 ≤ 2.8.1.1
aliasrobotics	mir1000_firmware	𝑥 ≤ 2.8.1.1
mobile-industrial-robotics	er200_firmware	𝑥 ≤ 2.8.1.1
enabled-robotics	er-lite_firmware	𝑥 ≤ 2.8.1.1
enabled-robotics	er-flex_firmware	𝑥 ≤ 2.8.1.1
enabled-robotics	er-one_firmware	𝑥 ≤ 2.8.1.1
uvd-robots	uvd_robots_firmware	𝑥 ≤ 2.8.1.1

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-668 - Exposure of Resource to Wrong Sphere
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

References

https://github.com/aliasrobotics/RVD/issues/2555