As the world digitally transforms and society is making the great leap towards artificial intelligence and automation, vulnerabilities are being spotted in the most innovative sectors, such as critical manufacturing robotics. This time, reports confirm that one of the world’s leading industrial robot and factory automation giants Kuka, based in Germany, is suffering from software vulnerabilities.
The Kuka KR C4 Controller
According to the official Kuka website, the Kuka KR C4 is a “revolutionary” control system (controller). It is a controller that controls the innovative automated robotics systems used in industries and factories. According to the official Kuka website, “The KR C4 concept is revolutionary. For the first time, Robot and Motion Control are seamlessly and interactively integrated with control processes for PLC, CNC, and Safety.” Kuka claims that this controller device reduces costs while increasing flexibility and efficiency in industrial applications.
The Kuka KR C4 Product Vulnerability
The software vulnerability in Kuka’s KR C4 product was reported by CISA (the U.S. federal Cybersecurity & Infrastructure Security Agency.) According to the official reports Chen Jie, who works for NSFOCUS threat intelligence, first reported the issue to CISA. The issue is a software vulnerability in the Kuka KR C4 product. According to the official CISA report ICS Advisory (ICSA-21-208-01) which was released on July 27th, 2001 the executive summary of the report entails that there is a software vulnerability in the KR C4 software. Specifically, the affected versions are “all versions prior to 8.7” as well as all versions of KSS. The vulnerability is due to a flaw in the use of hard-coded credentials. Due to there being hard-coded credentials, an attacker can gain full access (read/write/delete) to the sensitive folders in the system.
The Technical Details
The executive summary goes into the risk analysis of this vulnerability: The CVSS score (Common Vulnerability Scoring System) for this vulnerability has been marked down as 9.8 indicating that this is a critical security flaw. There are two CVE ID codes for this flaw. They are CVE-2021-33016 and CVE-2021-33014. Further technical details reveal that successful exploitation of this flaw could result in unauthorized (remote) access to sensitive information as well as access to the core-shell (VXWorks Shell). This means that a remote (external) attacker could potentially gain full access to the controller system.
The Recommended Safety Measures
There is no traditional patch for customers or owners of these machines. They would need to change their passwords manually. Another complication that arises is that older versions do not support a password change. KSS version 8.2 and below do not support the password change that is required. For the earlier versions, users and customers should contact Kuka assistance for additional assistance on the matter. As for users and customers that use KSS 8.3 and above, they must change their passwords manually.
CISA Safety Recommendations
According to the official CISA release report, users need to “take defensive measures to minimize the risk of exploitation of these vulnerabilities.” Particularly, users should; minimize network exposure, isolate control system networks and remote devices, as well as utilize VPNs (Virtual Private Networks) until they mitigate the issue with the steps in the above section.
