CVE-2023-46256

Exploit

EPSS 0.3%
Veröffentlicht 31.10.2023 16:15:10
Zuletzt bearbeitet 21.11.2024 08:28:11
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

PX4-Autopilot provides PX4 flight control solution for drones. In versions 1.14.0-rc1 and prior, PX4-Autopilot has a heap buffer overflow vulnerability in the parser function due to the absence of `parserbuf_index` value checking. A malfunction of the sensor device can cause a heap buffer overflow with leading unexpected drone behavior. Malicious applications can exploit the vulnerability even if device sensor malfunction does not occur. Up to the maximum value of an `unsigned int`, bytes sized data can be written to the heap memory area. As of time of publication, no fixed version is available.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 3 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Dronecode ≫ Px4 Drone Autopilot Version <= 1.13.3

Dronecode ≫ Px4 Drone Autopilot Version1.14.0 Updatebeta1

Dronecode ≫ Px4 Drone Autopilot Version1.14.0 Updatebeta2

Dronecode ≫ Px4 Drone Autopilot Version1.14.0 Updaterc1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.3%	0.532

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
security-advisories@github.com	4.4	1.3	2.7	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:L

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CWE-122 Heap-based Buffer Overflow

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://github.com/PX4/PX4-Autopilot/blob/main/src/drivers/distance_sensor/lightware_laser_serial/parser.cpp#L87

Product

https://github.com/PX4/PX4-Autopilot/security/advisories/GHSA-5hvv-q2r5-rppw

Vendor Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2023-46256

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-46256

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-46256

EUVD