{"vulnerability": "CVE-2026-8153", "sightings": [{"uuid": "13632ee9-7d64-4823-b98c-5cab5a6566cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8153", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mldspzgf4f2v", "content": "CVE-2026-8153 - Command injection in Dashboard Server interface\nCVE ID : CVE-2026-8153\n \n Published : May 8, 2026, 11:45 a.m. | 40\u00a0minutes ago\n \n Description : OS command injection in Dashboard Server interface in Universal Robots PolyScope versions prior to 5.21.1 allows unau...", "creation_timestamp": "2026-05-08T13:14:07.918395Z"}, {"uuid": "48dae09f-095d-4880-93be-29e960754eee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8153", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mldtfdu7v32x", "content": "OS command injection vulnerability in the Dashboard Server of Universal Robots PolyScope v5.21.1 and earlier. An unauthenticated attacker can execute code on the robot OS.\nCVE-2026-8153 CVSS 9.8 | CRITICAL", "creation_timestamp": "2026-05-08T13:26:03.554033Z"}, {"uuid": "9d678a17-83f5-4dbb-9bf0-f639dc711102", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8153", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mlgzuhmqd72q", "content": "\ud83d\udd34 CVE-2026-8153 - Critical (9.8)\n\nOS command injection in Dashboard Server interface in Universal Robots PolyScope versions prior t...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-8153/\n\n#infosec #cybersecurity #CVE #vulnerability 
#security #patchstack", "creation_timestamp": "2026-05-09T19:59:52.958611Z"}, {"uuid": "c0f1f3aa-836e-4197-ad6d-4da24691756f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-8153", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-134-17", "content": "Summary\n\nSuccessful exploitation of these vulnerabilities could allow an attacker to bypass authentication and execute code.\n\nThe following versions of Universal Robots Polyscope 5 are affected:\n\nPolyscope 5 <5.25.1\n\nCVSS | Vendor | Equipment | Vulnerabilities\nv3 9.8 | Universal Robots | Universal Robots Polyscope 5 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')\n\nBackground\n\nCritical Infrastructure Sectors: Critical Manufacturing\n\nCountries/Areas Deployed: Worldwide\n\nCompany Headquarters Location: Denmark\n\nVulnerabilities\n\nCVE-2026-8153\n\nOS command injection in Dashboard Server interface in Universal Robots PolyScope versions prior to 5.25.1 allows an unauthenticated attacker to craft commands that will execute code on the robot's OS.\n\nAffected Products\n\nUniversal Robots Polyscope 5\nVendor: Universal Robots\nProduct Version: Universal Robots Polyscope 5: <5.25.1\nProduct Status: known_affected\n\nRemediations\n\nVendor fix: Universal Robots has released Polyscope 5 version 5.25.1. For more information, see Universal Robots 
article: https://www.universal-robots.com/articles/ur/cybersecurity/cve-2026-8153-command-injection-in-the-polyscope-5-dashboard-server/\n\nRelevant CWE: CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')\n\nMetrics\n\nCVSS Version | Base Score | Base Severity | Vector String\n3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n\nAcknowledgments\n\nVera Mens of Claroty Team82 reported these vulnerabilities to CISA\n\nLegal Notice and Terms of Use\n\nThis product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy & Use policy (https://www.cisa.gov/privacy-policy).\n\nRecommended Practices\n\nCISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities.\n\nMinimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.\n\nLocate control system networks and remote devices behind firewalls and isolate them from business networks.\n\nWhen remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as the connected devices.\n\nCISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\n\nCISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. 
Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.\n\nCISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.\n\nAdditional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\n\nOrganizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.\n\nCISA also recommends users take the following measures to protect themselves from social engineering attacks:\n\nDo not click web links or open attachments in unsolicited email messages.\n\nRefer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.\n\nRefer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.\n\nNo known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.\n\nRevision History\n\nInitial Release Date: 2026-05-14\n\nDate | Revision | Summary\n2026-05-14 | 1 | Initial Publication", "creation_timestamp": "2026-05-14T10:00:00.000000Z"}, {"uuid": "1d55bc92-a4fa-4bf4-a6e2-19040cdfb186", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8153", "type": "seen", "source": "https://bsky.app/profile/deafnews-auto.bsky.social/post/3mm7eoqmffi2i", "content": "CVE-2026-8153: Universal Robots Cobots Vulnerable to Unauthenticated RCE", "creation_timestamp": "2026-05-19T12:17:25.762595Z"}, {"uuid": "1c26c585-4828-4258-8812-522d6abc3976", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8153", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116600067519582012", "content": "\u26a0\ufe0f CRITICAL: CVE-2026-8153 affects Universal Robots PolyScope 5 \u2014 OS command injection via Dashboard Server lets unauthenticated attackers control cobots on internal networks. Patch to v5.25.1 now! https://radar.offseq.com/threat/critical-vulnerability-exposes-industrial-robot-fl-d5e8e072 #OffSeq #ICS #Robotics #Security", "creation_timestamp": "2026-05-19T07:30:55.826879Z"}, {"uuid": "2e958543-b669-4d69-856d-41f37c6f6bb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8153", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mm75uewjjf2a", "content": "Universal Robots patched CVE-2026-8153, a 9.8 command injection flaw in PolyScope 5 Dashboard Server that could let attackers run commands on cobot controllers and spread across poorly segmented OT fleets. 
#UniversalRobots #PolyScope5 #CVE20268153", "creation_timestamp": "2026-05-19T10:15:19.071823Z"}, {"uuid": "5824786d-b7b9-44bb-b44d-4662914a2d66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8153", "type": "seen", "source": "https://bsky.app/profile/ransomnews.online/post/3mmbpk7lpik2p", "content": "\ud83d\udea8Critical robot flaw exposes industrial production lines to remote takeover\n\nCVE-2026-8153 allows unauthenticated RCE on Universal Robots controllers exposing automated factory fleets to potential disruption and sabotage.\n\n\ud83d\udd17 read more: www.securityweek.com/critical-vul...\n\n#ransomNews #cybersecurity", "creation_timestamp": "2026-05-20T10:37:07.239787Z"}, {"uuid": "4b650be2-b303-412c-8894-6d6e6e677720", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8153", "type": "seen", "source": "https://t.me/information_security_channel/55275", "content": "Critical Vulnerability Exposes Industrial Robot Fleets to Hacking\nhttps://www.securityweek.com/critical-vulnerability-exposes-industrial-robot-fleets-to-hacking/\n\nThe vulnerability, CVE-2026-8153, affects Universal Robots PolyScope 5 and it can be exploited for OS command injection.\u00a0\nThe post Critical Vulnerability Exposes Industrial Robot Fleets to Hacking (https://www.securityweek.com/critical-vulnerability-exposes-industrial-robot-fleets-to-hacking/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2026-05-19T13:11:09.000000Z"}, {"uuid": "c37fdca4-c3c3-4188-b0e6-f646b189b5a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8153", "type": "seen", "source": "https://bsky.app/profile/idenhaus.bsky.social/post/3mmtsfiwuj72v", "content": "A critical command 
injection vulnerability has been discovered in Universal Robots PolyScope 5, the operating system that powers the company's collaborative robots. The flaw, tracked as CVE-2026-8153, carries a CVSS score of 9.8 and affects all software versions prior to PolyScope 5.25.1.", "creation_timestamp": "2026-05-27T15:16:05.994716Z"}]}