1. Forum
  2. tqwNet
  3. TQW GENTECH

  • 'Security of your network is essential to security of your robot'

    From TechnologyDaily@1337:1/100 to All on Mon May 25 23:30:25 2026
    'Security of your network is essential to security of your robot': Industrial robots targeted by malware, which could open them up to hacking is this how the revolution begins?

    Date:
    Mon, 25 May 2026 22:15:00 +0000

    Description:
    A critical Universal Robots vulnerability allows attackers to remotely
    execute commands and potentially compromise industrial robots and factory networks.

    FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter Attackers can remotely execute commands on vulnerable industrial robots without requiring authentication Outdated factory robots may expose entire manufacturing networks to devastating cyberattacks today Poor network segmentation could allow compromised workstations to hijack nearby collaborative robots A critical command injection vulnerability has been discovered in Universal Robots PolyScope 5, the operating system whucg powers the company's collaborative robots.

    The flaw, tracked as CVE-2026-8153, carries a CVSS score of 9.8 and affects all software versions prior to PolyScope 5.25.1. An unauthenticated attacker who can reach the Dashboard Server network port can craft commands that execute directly on the robot's underlying operating system. Latest Videos From You may like Yarbo forced to patch mowers after threat to remotely
    hijack thousands of devices Security experts discover critical flaw in OpenAI's Codex able to compromise entire organizations UK cyber breaches rise as attackers exploit 'Zombie Tech' Command injection vulnerability actually works This vulnerability could lead to complete compromise of the robot controller, affecting the confidentiality, integrity, and availability of the entire system

    The Dashboard Server accepts user-controlled input and passes it to the operating system without properly neutralizing special command elements.

    This oversight allows an attacker to inject arbitrary commands that the robot will execute with full system privileges.

    The flaw was discovered and reported by Vera Mens of Claroty Team82, who coordinated the disclosure through CISA and CERT/CC's VINCE platform. Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting
    your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

    Universal Robots has released a patch in PolyScope 5.25.1, which is available on the company's support site for all affected customers - but the patch does nothing until someone actually installs it, and every day that passes without updating is another day attackers have to exploit known vulnerabilities.

    Therefore, the company strongly recommends that every user update to version 5.25.1 or newer as soon as possible. Network security is the real protection against this exploitation Remote exploitation of this vulnerability requires the robot's Dashboard Server to be enabled in the user interface, and its network port must be reachable by the attacker. What to read next Weak safeguards leave thousands of AI agents open to attack Zyxel warns over a dozen routers could be affected by critical RCE security flaw 'A human-chosen password doesn't stand a chance': OpenClaw has yet another major security
    flaw here's what we know about "ClawJacked"

    Universal Robots stated that its products are not designed to be accessible directly from the internet, and direct inbound internet access is typically prevented by corporate firewalls .

    However, robots that are accessible from a local area network may be vulnerable to attacks originating from within that network.

    "Security of your network is essential to security of your robot," the
    company warned in its advisory to customers and integrators.

    No known public exploitation specifically targeting this vulnerability has been reported to CISA at the time of this disclosure.

    This vulnerability is serious, and the conditions for exploitation are not difficult to imagine in real industrial environments.

    A compromised workstation on the same factory floor network could easily
    reach a robot's Dashboard Server port if proper network segmentation is missing.

    Their behaviour afterwards could be unpredictable, because it is controlled
    by someone other than its owners.

    Therefore, this will likely not lead to some sort of autonomous robotic revolution, but only represents the preponderance of hackers trying to gain control of systems.

    The rise of collaborative robots working alongside humans makes this threat particularly concerning because a compromised robot could cause physical harm to nearby personnel. Follow TechRadar on Google News and add us as a
    preferred source to get our expert news, reviews, and opinion in your feeds.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/security-of-your-network-is-essential-t o-security-of-your-robot-industrial-robots-targeted-by-malware-which-could-ope n-them-up-to-hacking-is-this-how-the-revolution-begins


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)