PX4 Autopilot Vulnerability Allows Remote Code Execution and Denial of Service
CVE-2024-30799

4.4MEDIUM

Key Information:

Vendor: PX4
Status: Px4 Drone Autopilot
Vendor: CVE Published:; 22 April 2024

What is CVE-2024-30799?

An identified vulnerability in PX4 Autopilot versions 1.14 and before poses a significant risk, enabling remote attackers to execute arbitrary code. This exploitation centers around the Breach Return Point function, where malicious actors can manipulate the autopilot's operations, leading to a denial of service condition. This flaw underscores the necessity for prompt updates and security measures within affected systems to safeguard against potential intrusions and operational disruptions.

References

https://github.com/PX4/PX4-Autopilot/issues/22428

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 22, 2024

CVE-2024-30799 Data

JSON