Risk Summary
Successful exploitation of this vulnerability could allow an attacker with access to the MAVLink interface to execute arbitrary shell commands without cryptographic authentication.
CVEs (1)
Remediations
- PX4 recommends enabling MAVLink 2.0 message signing as the authentication mechanism for all non‑USB communication links. PX4 has published a security hardening guide for integrators and manufacturers at https://docs.px4.io/main/en/mavlink/security_hardening.
- Message signing configuration documentation can be found at https://docs.px4.io/main/en/mavlink/message_signing.
Affected Vendors
PX4
Affected Products (1)
PX4
·
Autopilot
v1.16.0_SITL_latest_stable
Affected Sectors
Transportation Systems, Emergency Services, Defense Industrial Base
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more