
RVD#2566: Hardcoded Credentials on MiRX00 wireless Access Point #2566

Open
@rvd-bot

Description

id: 2566
title: 'RVD#2566: Hardcoded Credentials on MiRX00 wireless Access Point'
type: vulnerability
description: One of the wireless interfaces of the MiR100, MiR200 and, according
  to the vendor, possibly other MiR fleet vehicles comes pre-configured in WiFi
  Master (Access Point) mode. The credentials of that Access Point default to a
  well-known and widely distributed SSID (MiR_RXXXX) and passwords (omitted here).
  The same information is also printed in past User Guides and manuals distributed
  by the vendor. We have confirmed this flaw on MiR100 and MiR200; it might also
  apply to MiR250, MiR500 and MiR1000.
cwe: CWE-798
cve: CVE-2020-10269
keywords:
- MiR100, MiR200, MiR500, MiR250, MiR1000, ER200, ER-Lite, ER-Flex,
  ER-One, UVD, Authentication
system: MiR100:v2.8.1.1 and before, MiR200, MiR250, MiR500, MiR1000, ER200,
  ER-Lite, ER-Flex, ER-One, UVD
vendor: Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robots
severity:
  rvss-score: 9.8
  rvss-vector: RVSS:1.0/AV:AN/AC:H/PR:L/UI:N/Y:Z/S:U/C:H/I:H/A:H/H:HU
  severity-description: Critical
  cvss-score: 9.8
  cvss-vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
links:
- https://cwe.mitre.org/data/definitions/798.html
- https://www.mobile-industrial-robots.com/media/2714/mir100-user-guide_robot-interface-20-v10.pdf
- http://bernharddieber.com/publication/taurer2019mirsafety
- https://github.com/aliasrobotics/RVD/issues/2566
flaw:
  phase: testing
  specificity: general-issue
  architectural-location: Platform code
  application: All
  subsystem: UI:Login
  package: N/A
  languages: None
  date-detected: 2019-07-01
  detected-by: Bernhard Dieber (Joanneum Research), Alias Robotics (https://aliasrobotics.com/)
  detected-by-method: dynamic testing, web browser.
  date-reported: '2020-06-24'
  reported-by: "Alias Robotics (https://aliasrobotics.com/), further edited by Victor Mayoral Vilches (Alias Robotics)"
  reported-by-relationship: security researcher
  issue: https://github.com/aliasrobotics/RVD/issues/2566
  reproducibility: Always
  trace: Not disclosed
  reproduction: Not disclosed
  reproduction-image: Not disclosed
exploitation:
  description: Not disclosed
  exploitation-image: Not disclosed
  exploitation-vector: Not disclosed
  exploitation-recipe: ''
mitigation:
  description: Not disclosed
  pull-request: Not disclosed
  date-mitigation: null
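Because the record above identifies the affected access points only by their default SSID pattern (MiR_RXXXX) and withholds the password, the check a fleet operator can actually run is an inventory scan: list nearby networks and flag every SSID that still matches the vendor default. The following is an added example, not code from the RVD project or from the vendor. It assumes that the placeholder XXXX in the record stands for exactly four serial characters, and it parses the terse output of `nmcli -t -f SSID,BSSID,SIGNAL dev wifi list` (fields separated by `:`, literal colons in the BSSID escaped as `\:`). The scan text embedded below is constructed for the example; no connection to any access point is attempted.

```python
"""Inventory check: flag MiR robots still broadcasting the default access point.

Added example, not code from the RVD project or the vendor. Assumptions:
  - the SSID placeholder MiR_RXXXX means "MiR_R" followed by four serial characters;
  - scan input is `nmcli -t -f SSID,BSSID,SIGNAL dev wifi list` terse output,
    where ':' separates fields and a literal ':' (inside the BSSID) is escaped as '\\:'.
The default password is intentionally not used anywhere in this code.
"""
import re
import subprocess
from dataclasses import dataclass
from typing import List, Optional

# Assumption: XXXX in the advisory's "MiR_RXXXX" is exactly four serial characters.
DEFAULT_AP_SSID = re.compile(r"^MiR_R\w{4}$")


@dataclass(frozen=True)
class AccessPoint:
    ssid: str
    bssid: str
    signal: int


def split_terse(line: str) -> List[str]:
    """Split one nmcli -t line on unescaped ':' and unescape '\\:' inside fields."""
    fields: List[str] = []
    buf: List[str] = []
    i = 0
    while i < len(line):
        ch = line[i]
        if ch == "\\" and i + 1 < len(line):      # escaped character: keep it literally
            buf.append(line[i + 1])
            i += 2
            continue
        if ch == ":":                              # unescaped separator
            fields.append("".join(buf))
            buf = []
        else:
            buf.append(ch)
        i += 1
    fields.append("".join(buf))
    return fields


def parse_scan(text: str) -> List[AccessPoint]:
    """Parse terse nmcli output; malformed lines are skipped rather than guessed at."""
    aps: List[AccessPoint] = []
    for raw in text.splitlines():
        if not raw.strip():
            continue
        parts = split_terse(raw)
        if len(parts) != 3:
            continue
        ssid, bssid, signal = parts
        try:
            aps.append(AccessPoint(ssid, bssid.upper(), int(signal)))
        except ValueError:
            continue
    return aps


def find_default_mir_aps(aps: List[AccessPoint]) -> List[AccessPoint]:
    """Return the access points whose SSID still matches the vendor default pattern."""
    return [ap for ap in aps if DEFAULT_AP_SSID.match(ap.ssid)]


def scan_with_nmcli(iface: Optional[str] = None) -> List[AccessPoint]:
    """Run a live scan with NetworkManager (requires nmcli on the host)."""
    cmd = ["nmcli", "-t", "-f", "SSID,BSSID,SIGNAL", "dev", "wifi", "list"]
    if iface:
        cmd += ["ifname", iface]
    out = subprocess.run(cmd, check=True, capture_output=True, text=True).stdout
    return parse_scan(out)


# Constructed sample scan (not a real capture). MAC addresses are placeholders.
SAMPLE_SCAN = r"""
MiR_R1234:AA\:BB\:CC\:DD\:EE\:01:78
CorpNet:AA\:BB\:CC\:DD\:EE\:02:61
MiR_R5678:AA\:BB\:CC\:DD\:EE\:03:45
Guest:AA\:BB\:CC\:DD\:EE\:04:30
MiR_R12:AA\:BB\:CC\:DD\:EE\:05:20
"""


def report(aps: List[AccessPoint]) -> str:
    """One line per candidate robot AP, strongest signal first."""
    hits = sorted(find_default_mir_aps(aps), key=lambda ap: -ap.signal)
    return "\n".join(f"{ap.ssid}\t{ap.bssid}\t{ap.signal}%" for ap in hits)


if __name__ == "__main__":
    print(report(parse_scan(SAMPLE_SCAN)))
```

Running the module on the constructed sample lists MiR_R1234 and MiR_R5678 as candidates and ignores MiR_R12 (too short for the assumed pattern) and the non-MiR networks. A match only means the robot still advertises the default SSID; it does not verify that the default password is in place, which should be confirmed from the robot's own configuration rather than by attempting to join the network.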