The KUKA SystemSoftware V/KSS in versions prior to 8.6.5 is prone to improper access control as an unauthorized attacker can directly read and write robot configurations when access control is not available or not enabled (default).
References
Link | Resource |
---|---|
https://www.kuka.com/advisories-CVE-2022-2242 | Mitigation Vendor Advisory |
Configurations
History
12 Aug 2022, 17:41
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:kuka:systemsoftware_v\/kss:*:*:*:*:*:*:*:* | |
References | (CONFIRM) https://www.kuka.com/advisories-CVE-2022-2242 - Mitigation, Vendor Advisory | |
First Time |
Kuka systemsoftware V\/kss
Kuka |
10 Aug 2022, 11:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-08-10 11:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-2242
Mitre link : CVE-2022-2242
CVE.ORG link : CVE-2022-2242
JSON object : View
Products Affected
kuka
- systemsoftware_v\/kss
CWE
CWE-306
Missing Authentication for Critical Function