CVE-2024-33844

Опубликовано: 03 мая 2024

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

The 'control' in Parrot ANAFI USA firmware 1.10.4 does not check the MAV_MISSION_TYPE(0, 1, 2, 255), which allows attacker to cut off the connection between a controller and the drone by sending MAVLink MISSION_COUNT command with a wrong MAV_MISSION_TYPE.

Ссылки

http://anafi.com
Not Applicable
http://nvd-cwe-other.com
Broken Link
https://forum.developer.parrot.com/t/cve-2024-33844-bugs-in-anafi-thermal-usa-firmware/22501
Vendor Advisory
https://forum.developer.parrot.com/t/cve-2024-33844-bugs-in-anafi-thermal-usa-firmware/22501/1
Vendor Advisory
http://anafi.com
Not Applicable
http://nvd-cwe-other.com
Broken Link
https://forum.developer.parrot.com/t/cve-2024-33844-bugs-in-anafi-thermal-usa-firmware/22501
Vendor Advisory
https://forum.developer.parrot.com/t/cve-2024-33844-bugs-in-anafi-thermal-usa-firmware/22501/1
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:parrot:anafi_firmware:1.10.4:*:*:*:*:*:*:*

EPSS

Процентиль: 59%

0.00373

Низкий

7.5 High

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-404

Связанные уязвимости

GHSA-fxqv-fm95-w2rw