How severe is CVE-2020-10271?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 10 out of 10.

What type of vulnerability is CVE-2020-10271?

This is classified as CWE-668, which is a common weakness in software security.

CVE-2020-10271 - CRITICAL Severity | CVSS 10

Vulnerability Description

MiR100, MiR200 and other MiR robots use the Robot Operating System (ROS) default packages exposing the computational graph to all network interfaces, wireless and wired. This is the result of a bad set up and can be mitigated by appropriately configuring ROS and/or applying custom patches as appropriate. Currently, the ROS computational graph can be accessed fully from the wired exposed ports. In combination with other flaws such as CVE-2020-10269, the computation graph can also be fetched and interacted from wireless networks. This allows a malicious operator to take control of the ROS logic and correspondingly, the complete robot given that MiR's operations are centered around the framework (ROS).

Related Vulnerabilities

CVE-2019-8779

CRITICAL

CVSS:10.0(Critical)

A logic issue applied the incorrect restrictions. This issue was addressed by updating the logic to apply the correct restrictions. This issue is fixed in iOS 13.1.1 and iPadOS 13.1.1. Third party app...

CWE-6682019

CVE-2019-16541

CRITICAL

CVSS:9.9(Critical)

Jenkins JIRA Plugin 3.0.10 and earlier does not declare the correct (folder) scope for per-folder Jira site definitions, allowing users to select and use credentials with System scope.

CWE-6682019

CVE-2022-1467

CRITICAL

CVSS:9.9(Critical)

Windows OS can be configured to overlay a “language bar” on top of any application. When this OS functionality is enabled, the OS language bar UI will be viewable in the browser alongside the AVEVA In...

CWE-6682022

CVE-2008-7291

CRITICAL

CVSS:9.8(Critical)

gri before 2.12.18 generates temporary files in an insecure way.

CWE-6682008

CVE-2017-18129

CRITICAL

CVSS:9.8(Critical)

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9206, MDM9607, SD 845, MSM8996, MSM8998, it is possible for IPA (internet protocol accelera...

CWE-6682017

CVE-2018-18068

CRITICAL

CVSS:9.8(Critical)

The ARM-based hardware debugging feature on Raspberry Pi 3 module B+ and possibly other devices allows non-secure EL1 code to read/write any EL3 (the highest privilege level in ARMv8) memory/register ...

CWE-6682018