kuka 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
一般的な弱点パターンには パス処理の欠陥 and バッファオーバーフロー があり、vendor surface production workloads and vendor surface software deployment の利用場面で アプリケーションクラッシュ、vendor impact memory corruption, and ファイル上書き などのリスクが生じる可能性があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2022-2242 | The KUKA SystemSoftware V/KSS in versions prior to 8.6.5 is prone to improper access control as an unauthorized attacker can directly read and write robot configurations when access control is not available or not enabled (default). | [email protected] | 9.8 | 0.89% | 2022-08-10 | 2026-06-17 |
| CVE-2021-33016 | An attacker can gain full access (read/write/delete) to sensitive folders due to hard-coded credentials on KUKA KR C4 control software for versions prior to 8.7 or any product running KSS. | [email protected] | 9.8 | 0.91% | 2022-05-26 | 2026-06-16 |
| CVE-2021-33014 | An attacker can gain VxWorks Shell after login due to hard-coded credentials on a KUKA KR C4 control software for versions prior to 8.7 or any product running KSS. | [email protected] | 8.8 | 0.81% | 2022-05-26 | 2026-06-16 |
| CVE-2020-10635 | Simulation models for KUKA.Sim Pro version 3.1 are hosted by a server maintained by KUKA. When these devices request a model, the server transmits the model in plaintext. | [email protected] | 4.3 | 0.33% | 2022-02-24 | 2026-06-16 |
| CVE-2020-10292 | Visual Components (owned by KUKA) is a robotic simulator that allows simulating factories and robots in order toimprove planning and decision-making processes. Visual Components software requires a special license which can beobtained from a network license server. The network license server binds to all interfaces (0.0.0.0) and listensfor packets over UDP port 5093. No authentication/authorization is required in order to communicate with theserver. The protocol being used is a property protocol | [email protected] | 8.2 | 1.45% | 2020-11-06 | 2026-06-16 |
| CVE-2020-10291 | Visual Components (owned by KUKA) is a robotic simulator that allows simulating factories and robots in order toimprove planning and decision-making processes. Visual Components software requires a special license which can beobtained from a network license server. The network license server binds to all interfaces (0.0.0.0) and listensfor packets over UDP port 5093. No authentication/authorization is required in order to communicate with theserver. The protocol being used is a property protocol | [email protected] | 7.5 | 1.43% | 2020-11-06 | 2026-06-16 |
| CVE-2020-10268 | Critical services for operation can be terminated from windows task manager, bringing the manipulator to a halt. After this a Re-Calibration of the brakes needs to be performed. Be noted that this only can be accomplished either by a Kuka technician or by Kuka issued calibration hardware that interfaces with the manipulator furthering the delay and increasing operational costs. | [email protected] | 6.1 | 0.31% | 2020-06-16 | 2026-06-16 |