CVE-2024-41650

Published Dec 6, 2024

Last updated 4 months ago

CVSS critical 9.8

Overview

Description
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2_costmap_2d.
Source
cve@mitre.org
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Primary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

nvd@nist.gov
CWE-281
134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-281

Social media

Hype score
Not currently trending

  1. CVE-2024-41650 Insecure Permissions Lead to Code Execution in ROS2 Navigation2 An Insecure Permissions vulnerability in Open Robotics ROS2 navigation2 v.humble lets an attacker run any code. This can be done by s... https://t.co/hHvVFB6KBm

    @VulmonFeeds

    7 Dec 2024

    50 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2024-41650 Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted sc… https://t.co/fwSl2Mduf9

    @CVEnew

    6 Dec 2024

    423 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References