Improper Access Control in KUKA SystemSoftware V/KSS Versions Prior to 8.6.5

Improper Access Control in KUKA SystemSoftware V/KSS Versions Prior to 8.6.5

CVE-2022-2242 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

The KUKA SystemSoftware V/KSS in versions prior to 8.6.5 is prone to improper access control as an unauthorized attacker can directly read and write robot configurations when access control is not available or not enabled (default).

Learn more about our Cis Benchmark Audit For Robot Operating System.