Discussion

Left ArrowBack to discussions page
Robo09Robo09 Posts: 4 Apprentice
Can anyone from Universal Robot confirm whether or not the security vulnerabilities uncovered by iOActive ( unpatched 3.4.2.65, May 2017) have been addressed in subsequent versions of Polyscope?

https://ioactive.com/exploiting-industrial-collaborative-robots/

Comments

  • David_GariepyDavid_Gariepy Posts: 164Beta Tester Beetle, Wrist Camera URCap 1.3.0 Handy
    @JacobBom can you confirm?
    David Gariépy
    Integration Coach
  • JacobBomJacobBom Posts: 8 Handy
    Universal Robots have implemented numerous security patches to the robot OS and PolyScope, since this report was published. 
    However we are also proud to have a fairly open architecture, that allows system integrators and UR+ Partners to easily develop and integrate the solutions they need. 

    The report is based on that the hacker has direct Ethernet access to the robot. 
    And the easiest way to mitigate that risk is simply to a) cut the Ethernet cable, if not needed, b) run the robot solely on a factory LAN network (which we see implemented in most cases), or c) use a sufficiently secure gateway for access to the WWW. 
    In that way, we generally experience and urge that network security measures are implemented between the factory LAN (where robots, PLC's, vision systems etc. can interact) and the WAN network. 
Sign In or Register to comment.
Left ArrowBack to discussions page