exploitDog

CVE-2024-52876

Опубликовано: 17 нояб. 2024

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

Holy Stone Remote ID Module HSRID01, firmware distributed with the Drone Go2 mobile application before 1.1.8, allows unauthenticated "remote power off" actions (in broadcast mode) via multiple read operations on the ASTM Remote ID (0xFFFA) GATT.

Ссылки

https://coalfire.com/the-coalfire-blog/holy-stone-remote-id-vulnerability-disclosure

EPSS

Процентиль: 23%

0.00074

Низкий

7.5 High

CVSS3

Дефекты

CWE-125

Связанные уязвимости

GHSA-jr7j-3vjj-9c7j

CVSS3: 7.5

github

около 1 года назад

Holy Stone Remote ID Module HSRID01, firmware distributed with the Drone Go2 mobile application before 1.1.8, allows unauthenticated "remote power off" actions (in broadcast mode) via multiple read operations on the ASTM Remote ID (0xFFFA) GATT.

EPSS

Процентиль: 23%

0.00074

Низкий

7.5 High

CVSS3

Дефекты

CWE-125