CVE-2022-29945
Published Apr 29, 2022
Last updated a year ago
Overview
- Description
- DJI drone devices sold in 2017 through 2022 broadcast unencrypted information about the drone operator's physical location via the AeroScope protocol.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-319
Social media
- Hype score
- Not currently trending
Evaluator
- Comment
- The vulnerable configuration displayed has "-" in the version component of each match string. This is because the precise mapping of the year that the relevant products were sold to a known numerical version is unknown at this time.
- Impact
- -
- Solution
- -
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dji:mavic_3_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F72CFF01-D956-42EA-8E73-B401F564A637"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dji:mavic_3:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "12C177C0-5DAF-4DDD-9086-F897E4718065"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dji:rc_pro_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EF40231D-2AC7-4766-995D-123541A66953"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dji:rc_pro:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "65AA1F71-E2CF-4929-99B1-18BEA993AF73"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dji:air_2s_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "204CDCDE-79A2-4D03-B048-A3582E329DBE"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dji:air_2s:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "4C9AD300-B8B8-4D66-A22D-A4ECB5414C22"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dji:air_2_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B6A8B649-7AA3-4446-A653-5D2F5464FB53"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dji:air_2:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "86A650F2-EE7E-4321-B824-1F81E7F04295"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dji:mini_2_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C58D4A83-E95E-4B9C-8E25-C3E050FD4515"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dji:mini_2:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "982A5DF8-95FE-4E9B-B453-EFA52AADE3F1"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dji:mini_se_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BADA9736-0A8F-4AB1-AFC5-1F5F413B9A98"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dji:mini_se:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "CEDA2491-54F4-4C4A-9142-DAB08E35F734"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dji:fpv_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E5097FD3-42AD-49BA-8528-BA09EFA1EBEF"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dji:fpv:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "BA61F9C0-C7F6-4993-90DE-15705F9BBEC0"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dji:fhantom_4_pro_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FF0453A7-1767-4960-A013-273F03758190"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dji:fhantom_4_pro:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "29B091E9-EAAB-47D9-B3CD-F5A2C8F22F46"
},
{
"criteria": "cpe:2.3:h:dji:fhantom_4_pro:2.0:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F2EB2854-9D2F-48BE-A09F-A50B4196BC06"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dji:inspire_2_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "01E8C853-D127-4309-AA4B-5F70A852C316"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dji:inspire_2:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "014319A4-7A4C-469F-A051-91654791DC4A"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dji:zenmuse_x7_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2C6C3644-8D4F-46C9-8861-BBEA93E1CE94"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dji:zenmuse_x7:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "085550EE-A1D7-4A22-B93D-650599C5E1F1"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dji:zenmuse_x5s_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C1F49EC8-1B44-4C67-8F9E-17EDEB78B430"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dji:zenmuse_x5s:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9838F666-2E2A-4C83-928D-20F4312C3FBB"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]