Overview
- Description
- The KUKA SystemSoftware V/KSS in versions prior to 8.6.5 is prone to improper access control as an unauthorized attacker can directly read and write robot configurations when access control is not available or not enabled (default).
- Source
- info@cert.vde.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
Weaknesses
- info@cert.vde.com
- CWE-306
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kuka:systemsoftware_v\\/kss:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "08A86D9F-4341-46E9-9F3A-492DFBAC2401",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.2"
}
],
"operator": "OR"
}
]
}
]