← Back to home
ICSA-21-243-02  ·  Published 2022-02-03  ·  View on CISA ICS-CERT ↗

FANUC Robot Controllers (Update A)

CVSS 7.4 HIGH

Risk Summary

Successful exploitation of these vulnerabilities could crash the device being accessed; a buffer overflow condition may allow remote code execution.

CVEs (2)

Remediations

  • FANUC is recommending the following, both of which are documented in FANUC's Internet Setup and Operations Manual
  • FANUC Server Access Control (FSAC): Users can configure access to the FANUC webserver based on IP address.
  • Network Protocol Access Level: Users can configure which protocols are usable on the controller by creating a firewall where users can close unwanted ports based on the chosen access level.
  • FANUC users can also find any additional information by visiting the FANUC website or contacting FANUC.

Affected Vendors

FANUC

Affected Products (1)

FANUC · R-30iA R-30iA Mate 7 | 7.20 | 7.30 | 7.40 | 7.43 | 7.50 | 7.63 | 7.70

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more