Firmware Update Exposure in Vecna VGo Robot by Vecna Technologies
CVE-2018-8860

6.5MEDIUM

Key Information:

Vendor: Ics-cert
Status: Vgo Robot
Vendor: CVE Published:; 9 May 2018

What is CVE-2018-8860?

In certain versions of the Vecna VGo Robot, prior to 3.0.3.52164, a vulnerability exists that may allow attackers on adjacent networks to capture sensitive firmware updates. This could lead to unauthorized access or control over the robotic systems, emphasizing the need for robust network defenses and timely updates.

Affected Version(s)

VGo Robot All versions prior to 3.0.3.52164

References

https://ics-cert.us-cert.gov/advisories/ICSA-18-114-01

x_refsource_MISC

http://www.securityfocus.com/bid/103966

vdb-entryx_refsource_BID

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 9, 2018
Vulnerability Reserved
Mar 20, 2018

CVE-2018-8860 Data

JSON

Ics-cert

What is CVE-2018-8860?

Affected Version(s)

References

CVSS V3.1

Timeline