Skip to main content

Px4 Drone Autopilot CVE-2024-30800

MEDIUM
Improper Handling of Values (CWE-229)
2024-04-23 cve@mitre.org
5.6
CVSS 3.1 · Vendor: mitre
Share

Severity by source

Vendor (mitre) PRIMARY
5.6 MEDIUM
AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:H

Primary rating from Vendor (mitre) · only source for this CVE.

CVSS VectorVendor: mitre

CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:H
Attack Vector
Local
Attack Complexity
High
Privileges Required
High
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Apr 23, 2024 - 13:15 cve.org
MEDIUM 5.6

DescriptionCVE.org

PX4 Autopilot v.1.14 allows an attacker to fly the drone into no-fly zones by breaching the geofence using flaws in the function.

AnalysisAI

PX4 Autopilot v.1.14 allows an attacker to fly the drone into no-fly zones by breaching the geofence using flaws in the function. Rated medium severity (CVSS 5.6). Public exploit code available.

Technical ContextAI

This vulnerability is classified under CWE-229. PX4 Autopilot v.1.14 allows an attacker to fly the drone into no-fly zones by breaching the geofence using flaws in the function. Affected products include: Dronecode Px4 Drone Autopilot.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2023-46256 CRITICAL POC
9.8 Oct 31

PX4-Autopilot provides PX4 flight control solution for drones. Rated critical severity (CVSS 9.8), this vulnerability is

CVE-2026-26742 HIGH POC
8.1 Mar 10

PX4 Autopilot versions 1.12.x through 1.15.x can be forced into an unsafe re-arm state when pilots switch to Manual mode

CVE-2026-26741 HIGH POC
8.1 Mar 10

PX4 Autopilot versions 1.12.x through 1.15.x contain a logic flaw in the mode switching mechanism. [CVSS 8.1 HIGH]

CVE-2024-38952 HIGH POC
7.5 Jun 25

PX4-Autopilot v1.14.3 was discovered to contain a buffer overflow via the topic_name parameter at /logger/logged_topics.

CVE-2024-29460 MEDIUM POC
6.6 Apr 10

An issue in PX4 Autopilot v.1.14.0 allows an attacker to manipulate the flight path allowing for crashes of the drone vi

CVE-2024-38951 MEDIUM POC
6.5 Jun 25

A buffer overflow in PX4-Autopilot v1.12.3 allows attackers to cause a Denial of Service (DoS) via a crafted MavLink mes

CVE-2024-30799 MEDIUM POC
4.4 Apr 22

An issue in PX4 Autopilot v1.14 and before allows a remote attacker to execute arbitrary code and cause a denial of serv

CVE-2023-47625 MEDIUM POC
4.3 Nov 13

PX4 autopilot is a flight control solution for drones. Rated medium severity (CVSS 4.3), this vulnerability is remotely

CVE-2024-24255 MEDIUM POC
4.2 Feb 06

A Race Condition discovered in geofence.cpp and mission_feasibility_checker.cpp in PX4 Autopilot 1.14 and earlier allows

CVE-2024-24254 MEDIUM POC
4.2 Feb 06

PX4 Autopilot 1.14 and earlier, due to the lack of synchronization mechanism for loading geofence data, has a Race Condi

CVE-2024-40427 HIGH POC
7.9 Jan 07

Stack Buffer Overflow in PX4-Autopilot v1.14.3, which allows attackers to execute commands to exploit this vulnerability

Share

CVE-2024-30800 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy