{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-02T15:00:00.669","vulnerabilities":[{"cve":{"id":"CVE-2020-10292","sourceIdentifier":"cve@aliasrobotics.com","published":"2020-11-06T12:15:11.743","lastModified":"2024-11-21T04:55:09.310","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Visual Components (owned by KUKA) is a robotic simulator that allows simulating factories and robots in order toimprove planning and decision-making processes. Visual Components software requires a special license which can beobtained from a network license server. The network license server binds to all interfaces (0.0.0.0) and listensfor packets over UDP port 5093. No authentication/authorization is required in order to communicate with theserver. The protocol being used is a property protocol by RMS Sentinel which provides the licensing infrastructurefor the network license server. RMS Sentinel license manager service exposes UDP port 5093 which provides sensitivesystem information that could be leveraged for further exploitation without any kind of authentication. Thisinformation includes detailed hardware and OS characteristics.After a decryption process, a textual protocol is found which contains a simple header with the requested command,application-identifier, and some arguments. The protocol is vulnerable to DoS through an arbitrary pointerderreference. This flaw allows an attacker to to pass a specially crafted package that, when processed by theservice, causes an arbitrary pointer from the stack to be dereferenced, causing an uncaught exception thatterminates the service. This can be further contructed in combination with RVDP#710 which exploits an informationdisclosure leak, or with RVDP#711 for an stack-overflow and potential code execution.Beyond denying simulations, Visual Components provides capabilities to interface with industrial machinery andautomate certain processes (e.g. testing, benchmarking, etc.) which depending on the DevOps setup might beintegrated into the industrial flow. Accordingly, a DoS in the simulation might have higher repercusions, dependingon the Industrial Control System (ICS) ICS infrastructure."},{"lang":"es","value":"Visual Components (propiedad de KUKA) es un simulador robótico que permite simular fábricas y robots para mejorar los procesos de planificación y toma de decisiones. El software Visual Components requiere una licencia especial que puede ser obtenida desde un servidor de licencias de red. El servidor de licencias de red se enlaza a todas las interfaces (0.0.0.0) y escucha los paquetes a través del puerto UDP 5093. No es requerida una autenticación y autorización para comunicarse con el servidor. El protocolo que es usado es un protocolo propiedad de RMS Sentinel que proporciona la infraestructura de licencias para el servidor de licencias de red. El servicio administrador de licencias de RMS Sentinel expone el puerto UDP 5093 que provee información confidencial del sistema que podría ser aprovechada para una nueva explotación sin ningún tipo de autenticación. Esta información incluye características detalladas de hardware y OS. Después de un proceso de descifrado, se encuentra un protocolo textual que contiene un encabezado simple con el comando solicitado, el identificador de la aplicación y algunos argumentos. El protocolo es vulnerable a una DoS por medio de una referencia de puntero arbitraria. Este fallo permite a un atacante pasar un paquete especialmente diseñado que, cuando es procesado por el servicio, causa que un puntero arbitrario de la pila sea desreferenciado, provocando una excepción no detectada que finaliza el servicio. Esto se puede construir aún más en combinación con RVDP#710 que explota un filtrado de divulgación de información, o con RVDP # 711 para un desbordamiento de la pila y una potencial ejecución de código. Más allá de denegar simulaciones, Visual Components proporciona capacidades para interactuar con maquinaria industrial y automatizar determinados procesos (por ejemplo testing, benchmarking, etc. ) que, según la configuración de DevOps, podría integrarse en el flujo industrial. En consecuencia, una DoS en la simulación podría tener mayores repercusiones, dependiendo de la infraestructura del Sistema de Control Industrial (ICS)"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":4.2}],"cvssMetricV30":[{"source":"cve@aliasrobotics.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":4.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cve@aliasrobotics.com","type":"Secondary","description":[{"lang":"en","value":"CWE-248"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:kuka:visual_components_network_license_server:2.0.8:*:*:*:*:*:*:*","matchCriteriaId":"37AF9A3F-EDE2-4943-B441-F32E1669B48A"}]}]}],"references":[{"url":"https://www.visualcomponents.com/products/visual-components/","source":"cve@aliasrobotics.com","tags":["Vendor Advisory"]},{"url":"https://www.visualcomponents.com/products/visual-components/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}