Overview
- Description
- A Missing Authentication vulnerability in RobotWare for the OmniCore robot controller allows an attacker to read and modify files on the robot controller if the attacker has access to the Connected Services Gateway Ethernet port.
- Source
- cybersecurity@ch.abb.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:omnicore_c30:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "74FC3FD0-0A15-4013-B235-123088834F4F"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:omnicore_c30_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1FCE8FA4-E440-4054-AC08-026C8330C5EB",
"versionEndExcluding": "7.3.2"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]