RSS   Vulnerabilities for 'URX'   RSS

2020-08-21
 
CVE-2020-10290

CWE-269
 

 
Universal Robots controller execute URCaps (zip files containing Java-powered applications) without any permission restrictions and a wide API that presents many primitives that can compromise the overall robot operations as demonstrated in our video. In our PoC we demonstrate how a malicious actor could 'cook' a custom URCap that when deployed by the user (intendedly or unintendedly) compromises the system

 


Copyright 2024, cxsecurity.com

 

Back to Top