Command Injection Vulnerability in MiR Software by Mobile Industrial Robots
CVE-2025-8748

8.8HIGH

Key Information:

Vendor: Mobile Industrial Robots
Status: Mir Robots; Mir Fleet
Vendor: CVE Published:; 8 August 2025

🔔 Create Mobile Industrial Robots Vulnerability Alert

What is CVE-2025-8748?

A command injection vulnerability exists in MiR software versions prior to 3.0.0, allowing an authenticated user to send a specifically crafted HTTP request. This request could lead to the execution of arbitrary commands on the underlying operating system, potentially compromising system integrity and security. Organizations utilizing these vulnerable versions should prioritize upgrading to mitigate these security risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

MiR Fleet 0 < 3.0.0

MiR Robots 0 < 3.0.0

References

https://mobile-industrial-robots.com/security-advisories/...

vendor-advisory

https://supportportal.mobile-industrial-robots.com/docume...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 8, 2025
Vulnerability Reserved
Aug 8, 2025

Credit

Lockheed Martin Red Team

JSON

Mobile Industrial Robots

What is CVE-2025-8748?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.