CVE-2020-10280 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Alias	CNA	8.2 HIGH	NETWORK	LOW	NONE	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 61%

Vendor	Product	Version
mobile-industrial-robots	mir100_firmware	𝑥 ≤ 2.8.1.1
mobile-industrial-robots	mir200_firmware	-
mobile-industrial-robots	mir250_firmware	-
mobile-industrial-robots	mir500_firmware	-
mobile-industrial-robots	mir1000_firmware	-
easyrobotics	er200_firmware	-
easyrobotics	er-lite_firmware	-
easyrobotics	er-flex_firmware	-
easyrobotics	er-one_firmware	-
uvd-robots	uvd_firmware	-

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-239 - Failure to Handle Incomplete Element
The software does not properly handle when a particular element is not completely specified.
CWE-404 - Improper Resource Shutdown or Release
The program does not release or incorrectly releases a resource before it is made available for re-use.

References

https://github.com/aliasrobotics/RVD/issues/2568

https://github.com/aliasrobotics/RVD/issues/2568