CVE-2020-10255 and -10268

  • Hello,


    Over a year ago the Spanish company AliasRobotics found 2 cybersecurity vulnerabilities in Kuka robots (issues CVE-2020-10255 and CVE-2020-10268). I searched on the Kuka website for any information about this, but I found nothing. So I was wondering whether there are updates available to fix these issues? I'm quite new to Kuka so may not have searched the right places, if you have any pointers that would be great.

  • Check pinned topic READ FIRST.

    It covers a number of things including access to Xpert portal which is where any user documentation is found as well as any news or patches.

    1) read pinned topic: READ FIRST...

    2) if you have an issue with robot, post question in the correct forum section... do NOT contact me directly

    3) read 1 and 2

  • So, one of those seems to be a simple RowHammer vulnerability, which isn't really an issue for a KUKAbot in most circumstances. Properly isolating the KRC if it is handling any confidential data that RowHammer might expose should be a fairly trivial exercise.


    The other is simply that the robot can be brought to a halt using the Task Manager, after which "Brake recalibration must be performed." There are no details on that, but I'm betting this just means a Brake Test, which can be performed easily enough, without requiring special KUKA skills and/or equipment.


    Frankly, neither of these seems at all serious, unless the second CVE is leaving out a LOT of details. Either one can be made very difficult to exploit simply by using proper security procedures and controlling password access, possibly adding a secure firewall between the KRC and the general network if one is really paranoid.
