- Description
- A Missing Authentication vulnerability in RobotWare for the OmniCore robot controller allows an attacker to read and modify files on the robot controller if the attacker has access to the Connected Services Gateway Ethernet port.
- Source
- cybersecurity@ch.abb.com
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:omnicore_c30_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1FCE8FA4-E440-4054-AC08-026C8330C5EB",
"versionEndExcluding": "7.3.2"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:omnicore_c30:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "74FC3FD0-0A15-4013-B235-123088834F4F"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]