Universal Robots Remediates Holes

Tuesday, July 10, 2018 @ 05:07 PM gHale

Universal Robots has a remediation program in place to mitigate a use of hard-coded credentials and a missing authentication for critical function vulnerabilities in its robot controllers, according to a report with NCCIC.

Successful exploitation of these vulnerabilities could allow a remote attacker to run arbitrary code on the device.

Schweitzer Fixes Multiple Holes
Rockwell Working on Stratix 5950 Fix
Mitigations for Siemens Industrial Plant Clocks
Medtronic Updates for MyCareLink Monitor Holes

CB 3.1, SW Version 3.4.5-100 suffers from the remotely exploitable vulnerabilities.

Davide Quarta, Mario Polino, Marcello Pogliani, and Stefano Zanero from Politecnico di Milano as well as Federico Maggi with Trend Micro Inc.’s Forward-Looking Threat Research Team reported these vulnerabilities to NCCIC. CVE-2018-10635 was first disclosed by Cesar Cerrudo and Lucas Apa in their presentation Hacking Robots Before Skynet.

In one vulnerability, the application utilizes hard-coded credentials that may allow an attacker to reset passwords for the controller.

CVE-2018-10633 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.3.

In addition, ports 30001/TCP to 30003/TCP listen for arbitrary URScript code and execute the code. This enables a remote attacker who has access to the ports to remotely execute code that may allow root access to be obtained.

CVE-2018-10635 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 9.8.

The product sees use in the critical manufacturing and transportation systems sectors. It also sees action on a global basis.

In addition, an attacker with low skill level could leverage the vulnerabilities.

Denmark-based Universal Robots recommends the follow remedial actions:
• Only allow trusted users physical access to the robot control box and teach pendant.
• Do not connect the robot to a network unless it is required by the application.
• Do not connect the robot directly to the internet. Use a secure network with proper firewall configuration (Ports 30001/TCP to 30003/TCP must be restricted).
• Make the private subnet where the robot network interface is exposed as small as possible.

Leave a Reply

You must be logged in to post a comment.