admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Assign CVE-2020-10276

Browse Source
This commit is contained in:
Víctor Mayoral Vilches 2020-06-24 06:46:32 +02:00
parent 83c7e7bef8
commit 95007c169f
1 changed files with 98 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

105
2020/10xxx/CVE-2020-10276.json
View File

@ -1,18 +1,109 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cve@aliasrobotics.com",
"DATE_PUBLIC": "2020-06-24T04:46:26 +00:00",
"ID": "CVE-2020-10276",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "RVD#2558: Default credentials on SICK PLC allows disabling safety features"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MiR100",
"version": {
"version_data": [
{
"version_value": "v2.8.1.1 and before"
}
]
}
}
]
},
"vendor_name": "Mobile Industrial Robots A/S"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Bernhard Dieber (Joanneum Research)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The password for the safety PLC is the default and thus easy to find (in manuals, etc.). This allows a manipulated program to be uploaded to the safety PLC, effectively disabling the emergency stop in case an object is too close to the robot. Navigation and any other components dependent on the laser scanner are not affected (thus it is hard to detect before something happens) though the laser scanner configuration can also be affected altering further the safety of the device."
}
]
},
"generator": {
"engine": "Robot Vulnerability Database (RVD)"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "critical",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-798"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cwe.mitre.org/data/definitions/798.html",
"refsource": "CONFIRM",
"url": "https://cwe.mitre.org/data/definitions/798.html"
}
}
],
"reference_data": [
{
"name": "http://bernharddieber.com/publication/taurer2019mirsafety",
"refsource": "CONFIRM",
"url": "http://bernharddieber.com/publication/taurer2019mirsafety"
}
],
"reference_data": [
{
"name": "https://github.com/aliasrobotics/RVD/issues/2558",
"refsource": "CONFIRM",
"url": "https://github.com/aliasrobotics/RVD/issues/2558"
}
]
},
"source": {
"defect": [
"RVD#2558"
],
"discovery": "EXTERNAL"
}
}