Authorization Control Issue in MiR Software by Mobile Industrial Robots
CVE-2025-9228

4.3MEDIUM

Key Information:

Vendor: Mobile Industrial Robots
Status: Mir Robots; Mir Fleet
Vendor: CVE Published:; 20 August 2025

🔔 Create Mobile Industrial Robots Vulnerability Alert

What is CVE-2025-9228?

The MiR software, developed by Mobile Industrial Robots, has a vulnerability where insufficient authorization controls allow low-privilege users to create text notes meant for administrative users. This oversight in user permissions could lead to unauthorized access to sensitive information or misuse of the note-taking feature, thus compromising the integrity of the application.

Affected Version(s)

MiR Fleet 0 < 3.0.0

MiR Robots 0 < 3.0.0

References

https://mobile-industrial-robots.com/security-advisories/...

vendor-advisory

https://supportportal.mobile-industrial-robots.com/docume...

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 20, 2025
Vulnerability Reserved
Aug 20, 2025

Credit

Lockheed Martin Red Team

CVE-2025-9228 Data

JSON