CVE-2020-10268 - Vulnerability Details - OpenCVE

ReportizFlow

Critical services for operation can be terminated from windows task manager, bringing the manipulator to a halt. After this a Re-Calibration of the brakes needs to be performed. Be noted that this only can be accomplished either by a Kuka technician or by Kuka issued calibration hardware that interfaces with the manipulator furthering the delay and increasing operational costs.

No CVSS v4.0

Attack Vector Physical

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:N/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Kuka	Kr C4 Kr C4 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:kuka:kr_c4_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:kuka:kr_c4:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/aliasrobotics/RVD/issues/2550

History

No history.

MITRE

Status: PUBLISHED

Assigner: Alias

Published: 2020-06-16T17:55:11.700406Z

Updated: 2024-09-16T18:59:43.071Z

Reserved: 2020-03-10T00:00:00

Link: CVE-2020-10268

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-06-16T18:15:17.027

Modified: 2024-11-21T04:55:06.133

Link: CVE-2020-10268

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "KR3R540, KRC4, KSS8.5.7HF1, Win7_Embedded", "vendor": "KUKA Roboter GmbH", "versions": [{"status": "affected", "version": "unspecified"}]}], "credits": [{"lang": "en", "value": "Alias Robotics (group, https://aliasrobotics.com)"}], "datePublic": "2020-06-16T00:00:00", "descriptions": [{"lang": "en", "value": "Critical services for operation can be terminated from windows task manager, bringing the manipulator to a halt. After this a Re-Calibration of the brakes needs to be performed. Be noted that this only can be accomplished either by a Kuka technician or by Kuka issued calibration hardware that interfaces with the manipulator furthering the delay and increasing operational costs."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-749", "description": "CWE-749", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-06-16T17:55:11", "orgId": "dc524f69-879d-41dc-ab8f-724e78658a1a", "shortName": "Alias"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/aliasrobotics/RVD/issues/2550"}], "source": {"defect": ["RVD#2550"], "discovery": "EXTERNAL"}, "title": "RVD#2550: Terminate Critical Services in KUKA controller KR C4", "x_ConverterErrors": {"cvssV3_0": {"error": "CVSSV3_0 data from v4 record is invalid", "message": "Malformed CVSS3 vector, trailing \"/\""}}, "x_generator": {"engine": "Robot Vulnerability Database (RVD)"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "DATE_PUBLIC": "2020-06-16T17:49:11 +00:00", "ID": "CVE-2020-10268", "STATE": "PUBLIC", "TITLE": "RVD#2550: Terminate Critical Services in KUKA controller KR C4"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "KR3R540, KRC4, KSS8.5.7HF1, Win7_Embedded", "version": {"version_data": [{"version_value": ""}]}}]}, "vendor_name": "KUKA Roboter GmbH"}]}}, "credit": [{"lang": "eng", "value": "Alias Robotics (group, https://aliasrobotics.com)"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Critical services for operation can be terminated from windows task manager, bringing the manipulator to a halt. After this a Re-Calibration of the brakes needs to be performed. Be noted that this only can be accomplished either by a Kuka technician or by Kuka issued calibration hardware that interfaces with the manipulator furthering the delay and increasing operational costs."}]}, "generator": {"engine": "Robot Vulnerability Database (RVD)"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.1, "baseSeverity": "medium", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H/", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-749"}]}]}, "references": {"reference_data": [{"name": "https://github.com/aliasrobotics/RVD/issues/2550", "refsource": "CONFIRM", "url": "https://github.com/aliasrobotics/RVD/issues/2550"}]}, "source": {"defect": ["RVD#2550"], "discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T10:58:40.108Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/aliasrobotics/RVD/issues/2550"}]}]}, "cveMetadata": {"assignerOrgId": "dc524f69-879d-41dc-ab8f-724e78658a1a", "assignerShortName": "Alias", "cveId": "CVE-2020-10268", "datePublished": "2020-06-16T17:55:11.700406Z", "dateReserved": "2020-03-10T00:00:00", "dateUpdated": "2024-09-16T18:59:43.071Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:kuka:kr_c4_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "377A0187-FEE3-48BB-A225-30B13FBC3EF9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:kuka:kr_c4:-:*:*:*:*:*:*:*", "matchCriteriaId": "1A25F107-7654-4B4C-BA1E-4B3098AC4568", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Critical services for operation can be terminated from windows task manager, bringing the manipulator to a halt. After this a Re-Calibration of the brakes needs to be performed. Be noted that this only can be accomplished either by a Kuka technician or by Kuka issued calibration hardware that interfaces with the manipulator furthering the delay and increasing operational costs."}, {"lang": "es", "value": "Los servicios cr\u00edticos para la operaci\u00f3n se pueden finalizar desde el administrador de tareas de Windows, provocando que el manipulador se detenga. Despu\u00e9s de esto, una recalibraci\u00f3n de los frenos se debe llevar a cabo. Tome en cuenta que esto solo puede lograrlo un t\u00e9cnico de Kuka o un hardware de calibraci\u00f3n emitido por Kuka que interact\u00fae con el manipulador, promoviendo el retraso e incrementando los costos operativos"}], "id": "CVE-2020-10268", "lastModified": "2024-11-21T04:55:06.133", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 3.6, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 5.2, "source": "[email protected]", "type": "Primary"}]}, "published": "2020-06-16T18:15:17.027", "references": [{"source": "[email protected]", "tags": ["Third Party Advisory"], "url": "https://github.com/aliasrobotics/RVD/issues/2550"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/aliasrobotics/RVD/issues/2550"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-749"}], "source": "[email protected]", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "[email protected]", "type": "Primary"}]}