CVE-2021-22279
CRITICALABB OmniCore C30 Firmware < 7.3.2 - Missing Authentication for Critical Function via Connected Services Gateway
Title source: llmDescription
A Missing Authentication vulnerability in RobotWare for the OmniCore robot controller allows an attacker to read and modify files on the robot controller if the attacker has access to the Connected Services Gateway Ethernet port.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://search.abb.com/library/Download.aspx?DocumentID=SI20265&LanguageCode=en&DocumentPartId=&Action=Launch
Scores
CVSS v3
9.8
EPSS
0.0031
EPSS Percentile
54.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-306
Status
published
Products (1)
abb/omnicore_c30_firmware
< 7.3.2
Published
Dec 13, 2021
Tracked Since
Feb 18, 2026