Tactic: Privilege Escalation

Technique: Privilege Escalation (ROS Specific)

Privilege escalation can be used to gain access to users with higher privileges after gaining initial access. Many autonomous robots run ROS, the Robot Operating System, which is not an operating system (despite its name), but a library of software used with robotics. This software can contain local vulnerabilities that allow for an attacker to gain higher privileges, since the ROS software needs high privileges to run the hardware as well.

Technique in practice

Paper: red teaming ROS-industrial (chapter on privilege escalation)

Mitigations

The ROS-specific dependencies and software should be kept up-to-date, especially when the manufacturer sends out security-critical updates.

Detections

Automated software should periodically scan the software versions being used on the operating system. These versions can be cross-referenced with reputable CVE databases to check for vulnerabilities. Once such a vulnerability is detected, the owner of the robot should be notified.

Documented incidents with autonomous robots

No incidents known at the time of writing.

Documented incidents in other domains

[2017] CVE-2017-12736: RUGGEDCOM ROS local privilege escalation vulnerability