Critical Vulnerability Exposes Industrial Robot Fleets to Hacking
The vulnerability, CVE-2026-8153, affects Universal Robots PolyScope 5 and it can be exploited for OS command injection. The post Critical Vulnerability Exposes Industrial Robot Fleets to Hacking appeared first on SecurityWeek.
Universal Robots, a Danish company specializing in collaborative industrial robots, or cobots, has patched a critical vulnerability affecting one of its operating systems.
Advisories published last week by the cybersecurity agency CISA and Universal Robots revealed that PolyScope 5, an operating system and GUI designed to power and control the company’s cobots, is affected by CVE-2026-8153, an OS command injection vulnerability in the Dashboard Server interface.
The flaw, rated critical with a CVSS score of 9.8, has been patched in PolyScope 5.25.1.
Source: https://www.securityweek.com/critical-vulnerability-exposes-industrial-robot-fleets-to-hacking/
Related breach coverage
- Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking2026-05-21
CVE-2026-9082 can be exploited without authentication for information disclosure, privilege escalation, and remote code execution. The post Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking appeared first on SecurityWeek.
- ‘Underminr’ Vulnerability Lets Attackers Hide Malicious Connections Behind Trusted Domains2026-05-23
The stealthy vulnerability impacts roughly 88 million domains and can be exploited to bypass DNS filtering and hide command-and-control traffic. The post ‘Underminr’ Vulnerability Lets Attackers Hide Malicious Connections Behind Trusted Domains appeared first on SecurityWeek.
- In Other News: Industrial Router Exploitation, CISA KEV Nomination Form, Gas Station Hacking2026-05-22
Other noteworthy stories that might have slipped under the radar: CISA contractor exposes credentials, Mythos testing and new features, Huawei router flaw triggered telecom blackout. The post In Other News: Industrial Router Exploitation, CISA KEV Nomination Form, Gas Station Hacking appeared first on SecurityWeek.
- Microsoft Patches Critical Zero-Click Outlook Vulnerability Threatening Enterprises2026-05-13
CVE-2026-40361 is similar to a vulnerability found a decade ago, BadWinmail, which at the time was dubbed an “enterprise killer”. The post Microsoft Patches Critical Zero-Click Outlook Vulnerability Threatening Enterprises appeared first on SecurityWeek.