CVE-2020-10635 MEDIUM

CVE-2020-10635: ICSA-20-098-05 KUKA.Sim Pro Improper Enforcement of Message Integrity During Transmission in a Communication Channel

Vendor Kuka
Product Sim Pro
Weakness CWE-924
Published February 24, 2022
Last update April 16, 2025

CVSS base score

4.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

Simulation models for KUKA.Sim Pro version 3.1 are hosted by a server maintained by KUKA. When these devices request a model, the server transmits the model in plaintext.

Key dates

02Disclosure timeline

February 24, 2022 CVE published
April 16, 2025 Record updated