CVE-2018-17931

Published: Oct 30, 2018Modified: Nov 21, 2024

6.8

Vector

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 0.9 / Impact: 5.9

Source: NVD

Description

If an attacker has physical access to the VGo Robot (Versions 3.0.3.52164 and 3.0.3.53662. Prior versions may also be affected) they may be able to alter scripts, which may allow code execution with root privileges.

Affected (2)

Products: Vecna: Vgo Firmware

Vecna

1 product

Vgo Firmware

Configuration A

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Vecna Vgo Firmware	Up to 3.0.3.52164
Vecna Vgo Firmware	Version 3.0.3.53662

Running on/with	Platform Versions
Vecna Vgo	All versions

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (2)

https://ics-cert.us-cert.gov/advisories/ICSA-18-114-01

Source: ics-cert@hq.dhs.gov

Third Party AdvisoryUS Government Resource

https://ics-cert.us-cert.gov/advisories/ICSA-18-114-01

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

Timeline

No history available yet.