OTPulse

RoboDK

Monitor | CVSS 7.9 | ICS-CERT ICSA-23-082-01 | Mar 31, 2023
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

RoboDK v5.5.3 and prior contains a privilege escalation vulnerability (CWE-732) that allows an attacker with local access to write files to the RoboDK installation directory and achieve code execution. The vulnerability is not remotely exploitable. RoboDK has not engaged with CISA on mitigation efforts and no vendor fix is planned for this product.

What this means
What could happen
An attacker with local access to a system running RoboDK could escalate privileges and write files to the RoboDK installation directory, potentially achieving code execution with elevated permissions.
Who's at risk
This affects organizations using RoboDK v5.5.3 or earlier, particularly those deploying it as part of robot programming and simulation workflows in manufacturing, logistics, or research environments where local system access could be compromised.
How it could be exploited
An attacker must first gain local access to the system running RoboDK (e.g., via physical access, USB, or lateral movement after compromising another local account). They then exploit the privilege escalation vulnerability in RoboDK v5.5.3 or earlier to write arbitrary files to the RoboDK directory and execute code with elevated privileges.
Prerequisites
  • Local access to the system running RoboDK
  • RoboDK v5.5.3 or earlier installed
  • Ability to execute code or write files on the local system
  • no patch available
  • local exploitation only (limits immediate risk)
  • privilege escalation capability
  • vendor unresponsive to CISA remediation requests
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (1)
Product | Affected Versions | Fix Status
: v5.5.3 and prior | ≤ 5.5.3 | No fix yet
Remediation & Mitigation
Do now
HARDENING: Restrict local access: limit physical and network-based local access to RoboDK systems through access controls and monitoring
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption

WORKAROUND: Monitor RoboDK support channels for vendor response and any future security updates
Long-term hardening
HARDENING: Implement network segmentation: isolate RoboDK systems and control networks behind firewalls, separate from corporate IT networks
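
An added example, not part of the advisory or of RoboDK's code: because the weakness is CWE-732 on the installation directory, a defender can check whether broad local groups hold write rights there. It assumes a Windows host and parses `icacls` output; the path, the sample output and the English-locale group names are constructed placeholders.

```python
import re

# Rights tokens from icacls that let a principal create or alter files, or
# rewrite the ACL/owner so that it can do so afterwards.
WRITE_RIGHTS = {"F", "M", "W", "WD", "AD", "GW", "GA", "WDAC", "WO"}
# Inheritance markers, not rights.
INHERIT_FLAGS = {"OI", "CI", "IO", "NP", "I"}
# Assumption: English-locale names of groups that include ordinary local users.
BROAD_PRINCIPALS = {"everyone", "builtin\\users",
                    "nt authority\\authenticated users", "nt authority\\interactive"}

ACE_RE = re.compile(r"^(?P<who>.+?):(?P<flags>(?:\([^)]*\))+)$")


def risky_aces(icacls_output, path):
    """Return (principal, sorted write rights) for allow-ACEs that let broad groups write under path."""
    findings = []
    for line in icacls_output.splitlines():
        if line.startswith(path):
            line = line[len(path):]   # first line carries the path before its ACE
        match = ACE_RE.match(line.strip())
        if not match:
            continue                  # blank lines and the "Successfully processed" summary
        tokens = set()
        for group in re.findall(r"\(([^)]*)\)", match["flags"]):
            tokens.update(t.strip() for t in group.split(","))
        if "DENY" in tokens:
            continue                  # a deny entry removes access, it does not grant it
        granted = (tokens - INHERIT_FLAGS) & WRITE_RIGHTS
        if granted and match["who"].strip().lower() in BROAD_PRINCIPALS:
            findings.append((match["who"].strip(), sorted(granted)))
    return findings


# Constructed sample output for a placeholder path; not taken from a real host.
SAMPLE_PATH = r"C:\Example\RoboDK"
SAMPLE = r"""C:\Example\RoboDK BUILTIN\Users:(OI)(CI)(M)
                  NT AUTHORITY\Authenticated Users:(I)(RX)
                  Everyone:(DENY)(W)
                  NT AUTHORITY\INTERACTIVE:(CI)(Rc,S,WD,AD)
                  BUILTIN\Administrators:(OI)(CI)(F)

Successfully processed 1 files; Failed processing 0 files"""

if __name__ == "__main__":
    for who, rights in risky_aces(SAMPLE, SAMPLE_PATH):
        print(f"{who}: {', '.join(rights)}")
```

Any entry it returns is a candidate for tightening so that only administrators and the service account can write to the directory.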
RoboDK | CVSS 7.9 - OTPulse