← Volver a CVEs
CVE-2021-22279
CRITICAL9.8
Descripcion
A Missing Authentication vulnerability in RobotWare for the OmniCore robot controller allows an attacker to read and modify files on the robot controller if the attacker has access to the Connected Services Gateway Ethernet port.
Detalles CVE
Puntuacion CVSS v3.19.8
SeveridadCRITICAL
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado12/13/2021
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
abb:omnicore_c30abb:omnicore_c30_firmware
Debilidades (CWE)
CWE-306CWE-306
Referencias
https://search.abb.com/library/Download.aspx?DocumentID=SI20265&LanguageCode=en&DocumentPartId=&Action=Launch(cybersecurity@ch.abb.com)
https://search.abb.com/library/Download.aspx?DocumentID=SI20265&LanguageCode=en&DocumentPartId=&Action=Launch(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.