CVE-2018-17931
MEDIUMVGo Robot Firmware < 3.0.3.52164 - Unauthenticated Code Execution via Script Alteration
Title source: llmDescription
If an attacker has physical access to the VGo Robot (Versions 3.0.3.52164 and 3.0.3.53662. Prior versions may also be affected) they may be able to alter scripts, which may allow code execution with root privileges.
References (1)
Core 1
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-18-114-01
Scores
CVSS v3
6.8
EPSS
0.0042
EPSS Percentile
33.4%
Attack Vector
PHYSICAL
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-284
Status
published
Products (2)
vecna/vgo_firmware
3.0.3.53662
vecna/vgo_firmware
< 3.0.3.52164
Published
Oct 30, 2018
Tracked Since
Feb 18, 2026