Filtered by vendor Fanuc
Subscribe
Total
8 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-43988 | 1 Fanuc | 1 Roboguide | 2022-10-17 | 4.3 MEDIUM | 5.9 MEDIUM |
The affected product is vulnerable to a network-based attack by threat actors utilizing crafted naming conventions of files to gain unauthorized access rights. | |||||
CVE-2021-38483 | 1 Fanuc | 1 Roboguide | 2022-10-17 | 3.3 LOW | 5.7 MEDIUM |
The affected product is vulnerable to misconfigured binaries, allowing users on the target PC with SYSTEM level privileges access to overwrite the binary and modify files to gain privilege escalation. | |||||
CVE-2021-43933 | 1 Fanuc | 1 Roboguide | 2022-10-17 | 4.3 MEDIUM | 5.9 MEDIUM |
The affected product is vulnerable to a network-based attack by threat actors sending unimpeded requests to the receiving server, which could cause a denial-of-service condition due to lack of heap memory resources. | |||||
CVE-2021-43986 | 1 Fanuc | 1 Roboguide | 2022-10-17 | 4.4 MEDIUM | 7.0 HIGH |
The setup program for the affected product configures its files and folders with full access, which may allow unauthorized users permission to replace original binaries and achieve privilege escalation. | |||||
CVE-2021-43990 | 1 Fanuc | 1 Roboguide | 2022-10-17 | 2.6 LOW | 5.3 MEDIUM |
The affected product is vulnerable to a network-based attack by threat actors supplying a crafted, malicious XML payload designed to trigger an external entity reference call. | |||||
CVE-2021-32998 | 1 Fanuc | 18 R-30ia, R-30ia Firmware, R-30ia Mate and 15 more | 2022-03-21 | 8.8 HIGH | 7.4 HIGH |
The FANUC R-30iA and R-30iB series controllers are vulnerable to an out-of-bounds write, which may allow an attacker to remotely execute arbitrary code. INIT START/restore from backup required. | |||||
CVE-2021-32996 | 1 Fanuc | 18 R-30ia, R-30ia Firmware, R-30ia Mate and 15 more | 2022-01-13 | 7.8 HIGH | 7.5 HIGH |
The FANUC R-30iA and R-30iB series controllers are vulnerable to integer coercion errors, which cause the device to crash. A restart is required. | |||||
CVE-2020-12739 | 1 Fanuc | 32 Power Motion I-model A, Power Motion I-model A Firmware, Series 0i-mate D and 29 more | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
A denial-of-service vulnerability in the Fanuc i Series CNC (0i-MD and 0i Mate-MD) could allow an unauthenticated, remote attacker to cause an affected CNC to become inaccessible to other devices. |