← Back to home
ICSA-18-191-01  ·  Published 2018-07-10  ·  View on CISA ICS-CERT ↗

Universal Robots Robot Controllers

CVSS 9.8 CRITICAL

Risk Summary

Successful exploitation of these vulnerabilities could allow a remote attacker to run arbitrary code on the device.

CVEs (2)

Remediations

  • Only allow trusted users physical access to the robot control box and teach pendant.
  • Do not connect the robot to a network unless it is required by the application.
  • Do not connect the robot directly to the internet. Use a secure network with proper firewall configuration (Ports 30001/TCP to 30003/TCP must be restricted).
  • Make the private subnet where the robot network interface is exposed as small as possible.

Affected Vendors

Universal Robots

Affected Products (1)

Universal Robots · CB 3.1 SW 3.4.5-100

Affected Sectors

Critical Manufacturing, Transportation Systems

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more