VYPR

SystemSoftware V/KSS

by KUKA

CVEs (3)

  • CVE-2022-2242CriAug 10, 2022
    risk 0.64cvss 9.8epss 0.01

    The KUKA SystemSoftware V/KSS in versions prior to 8.6.5 is prone to improper access control as an unauthorized attacker can directly read and write robot configurations when access control is not available or not enabled (default).

  • CVE-2021-33016CriMay 26, 2022
    risk 0.64cvss 9.8epss 0.01

    An attacker can gain full access (read/write/delete) to sensitive folders due to hard-coded credentials on KUKA KR C4 control software for versions prior to 8.7 or any product running KSS.

  • CVE-2021-33014HigMay 26, 2022
    risk 0.57cvss 8.8epss 0.01

    An attacker can gain VxWorks Shell after login due to hard-coded credentials on a KUKA KR C4 control software for versions prior to 8.7 or any product running KSS.