CVE-2020-10287 – ABB IRC5 industrial robot controllers with UAS ... (How to Fix)

📋 TL;DR

ABB IRC5 industrial robot controllers with UAS service enabled use publicly documented default credentials that are often not changed in production systems. This allows attackers to gain unauthorized access to industrial control systems. Organizations using ABB IRC5 robots with UAS service are affected.

💻 Affected Systems

Products:

ABB IRC5 robot controllers

Versions: All versions with UAS service enabled

Operating Systems: RobotWare (ABB proprietary OS)

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects systems with UAS (Universal Access Service) enabled. Default credentials are documented in public manuals.

📦 What is this software?

Irb140 Firmware by Abb

View all CVEs affecting Irb140 Firmware →

Irc5 Firmware by Abb

View all CVEs affecting Irc5 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of industrial robot controllers leading to physical damage, production disruption, or safety hazards through unauthorized control of robotic systems.

🟠

Likely Case

Unauthorized access to robot controllers enabling configuration changes, data theft, or disruption of manufacturing operations.

🟢

If Mitigated

No impact if default credentials are changed and proper access controls are implemented.

🌐 Internet-Facing: HIGH - Systems exposed to internet with default credentials are trivially exploitable.

🏢 Internal Only: MEDIUM - Internal attackers or compromised internal systems could exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploitation requires only knowledge of default credentials which are publicly documented. No special tools or skills needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: N/A

Vendor Advisory: https://github.com/aliasrobotics/RVD/issues/3326

Restart Required: No

Instructions:

1. Access IRC5 controller interface
2. Navigate to UAS service configuration
3. Change default credentials to strong, unique passwords
4. Document new credentials securely
5. Verify old credentials no longer work

🔧 Temporary Workarounds

Disable UAS Service

all

Disable the Universal Access Service if not required for operations

Specific commands depend on RobotWare version and interface

Network Segmentation

all

Isolate IRC5 controllers from untrusted networks using firewalls

🧯 If You Can't Patch

Implement strict network access controls to limit access to IRC5 controllers
Enable logging and monitoring for authentication attempts to UAS service

🔍 How to Verify

Check if Vulnerable:

Attempt to authenticate to UAS service using publicly documented default credentials for ABB IRC5

Check Version:

Check RobotWare version through controller interface or diagnostic tools

Verify Fix Applied:

Verify default credentials no longer work and only new, strong credentials provide access

📡 Detection & Monitoring

Log Indicators:

Failed authentication attempts to UAS service
Successful logins from unexpected sources
Configuration changes to robot controllers

Network Indicators:

Unauthorized access attempts to UAS service ports
Traffic patterns indicating credential guessing

SIEM Query:

source="irc5_controller" AND (event_type="authentication" AND result="success") AND user="default_user"

📊 Metadata

CVE ID: CVE-2020-10287

CVSS v3 Score: 9.8 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-255

Published: July 15, 2020

Last Updated: November 21, 2024

🔗 References

https://github.com/aliasrobotics/RVD/issues/3326 Third Party Advisory
https://github.com/aliasrobotics/RVD/issues/3326 Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2020-10287, you might also want to check these: