CVE-2024-29460

EUVD-2024-26466
An issue in PX4 Autopilot v.1.14.0 allows an attacker to manipulate the flight path allowing for crashes of the drone via the home point location of the mission_block.cpp component.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.6 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
CISA-ADPADP
6.6 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 29%
Affected Products (NVD)
VendorProductVersion
dronecodepx4_drone_autopilot
1.14.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/Drone-Lab/PX4-Autopilot/blob/report-can%27t-finish-mission/report-can%27t-finish-mission.md
https://github.com/Drone-Lab/PX4-Autopilot/blob/report-can%27t-finish-mission/report-can%27t-finish-mission.md