CVE-2020-10264
HIGHUniversal Robots ur_software 3.0.14989-3.3.3.292 - Unauthenticated Robot Data Exposure via RTDE Interface
Title source: llmDescription
CB3 SW Version 3.3 and upwards, e-series SW Version 5.0 and upwards allow authenticated access to the RTDE (Real-Time Data Exchange) interface on port 30004 which allows setting registers, the speed slider fraction as well as digital and analog Outputs. Additionally unautheticated reading of robot data is also possible
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://www.universal-robots.com/how-tos-and-faqs/how-to/ur-how-tos/real-time-data-exchange-rtde-guide/
Scores
CVSS v3
8.8
EPSS
0.0056
EPSS Percentile
42.3%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-200
CWE-306
Status
published
Products (1)
universal-robots/ur_software
3.0.14989 - 3.3.3.292
Published
Apr 06, 2020
Tracked Since
Feb 18, 2026