35 matches found
PT-2024-14067 · Ros2 · Ros2
Name of the Vulnerable Software and Affected Versions: ROS2 Foxy Fitzroy version 2 Description: An issue in the default configurations of ROS2 allows unauthenticated attackers to authenticate using default credentials. Recommendations: For ROS2 Foxy Fitzroy version 2, change the default credentia...
Command injection
An issue discovered in shell command execution in ROS2 Robot Operating System 2 Foxy Fitzroy, with ROSVERSION=2 and ROSPYTHONVERSION=3 allows an attacker to run arbitrary commands and cause other impacts...
Deserialization of untrusted data
Insecure deserialization in ROS2 Foxy Fitzroy ROSVERSION=2 and ROSPYTHONVERSION=3 allows attackers to execute arbitrary code via a crafted input...
Design/Logic Flaw
An issue in the permission and access control components within ROS2 Foxy Fitzroy ROSVERSION=2 and ROSPYTHONVERSION=3 allows attackers to gain escalate privileges...
Command injection
OS command injection vulnerability in command processing or system call componentsROS2 Robot Operating System 2 Foxy Fitzroy, with ROSVERSION=2 and ROSPYTHONVERSION=3 allows attackers to run arbitrary commands...
CVE-2023-51204
CVE-2023-51204 was withdrawn (CNA) and is not an active vulnerability entry. Connected sources describe a separate vulnerability in ROS2 Foxy Fitzroy: insecure deserialization in ROS2 Foxy Fitzroy (ROS 2, ROS_VERSION=2; ROS_PYTHON_VERSION=3) that could allow arbitrary code execution via crafted i...
CVE-2023-51202
CVE-2023-51202 is associated with an OS command injection in ROS 2, specifically in ROS2 Foxy Fitzroy. The vulnerability affects command processing/system call components with ROS_VERSION=2 and ROS_PYTHON_VERSION=3, potentially allowing an attacker to run arbitrary commands. Documents from PRION ...
CVE-2023-51197
An issue in ROS2 Foxy Fitzroy allows command injection through shell command execution when ROS_VERSION=2 and ROS_PYTHON_VERSION=3. Root cause: vulnerable shell command pathway in ROS2. Impact: arbitrary commands and potential further effects as described. No exploit details provided in the docum...
PT-2024-14064 · Ros2 · Ros2
Name of the Vulnerable Software and Affected Versions: ROS2 Robot Operating System 2 Foxy Fitzroy Description: An issue was discovered in shell command execution in ROS2, allowing an attacker to run arbitrary commands and cause other impacts. The issue is related to the ROS VERSION=2 and ROS PYTH...
CVE-2023-51198
CVE-2023-51198 is described in the connected PRION document as a design/logic flaw in ROS2 Foxy Fitzroy (ROS2, Python 3) where a permission and access-control component weakness enables privilege escalation. The root cause is stated as an access-control issue that could allow attackers to gain hi...
PT-2024-14070 · Unknown · Ros2 Foxy Fitzroy
Name of the Vulnerable Software and Affected Versions: ROS2 Foxy Fitzroy versions 2 Description: Insecure deserialization in ROS2 allows attackers to execute arbitrary code via a crafted input. The issue affects ROS2 Foxy Fitzroy with ROS VERSION=2 and ROS PYTHON VERSION=3. Recommendations: For...
PT-2024-14069 · Ros2 · Ros2
Name of the Vulnerable Software and Affected Versions: ROS2 Robot Operating System 2 versions Foxy Fitzroy Description: The issue is an OS command injection vulnerability in command processing or system call components. This allows attackers to run arbitrary commands. The ROS VERSION is 2 and ROS...
Number withdrawn
ROS2 Foxy Fitzroy is an application of the ROS2 organization. This CVE number has been withdrawn...
Number withdrawn
ROS2 Foxy Fitzroy is an application of the ROS2 organization. This CVE number has been withdrawn...
Design/Logic Flaw
Cleartext Transmission issue in ROS2 Robot Operating System 2 Foxy Fitzroy, with ROSVERSION=2 and ROSPYTHONVERSION=3 allows attackers to access sensitive information via a man-in-the-middle attack...
Buffer overflow
Buffer Overflow vulnerability in ROS2 Foxy Fitzroy ROSVERSION=2 and ROSPYTHONVERSION=3 allows attackers to run arbitrary code or cause a denial of service via improper handling of arrays or strings...
Design/Logic Flaw
An Arbitrary File Upload vulnerability in ROS2 Foxy Fitzroy ROSVERSION=2 and ROSPYTHONVERSION=3 allows attackers to run arbitrary code and cause other impacts via upload of crafted file...
Default credentials
An issue in the default configurations of ROS2 Foxy Fitzroy ROSVERSION=2 and ROSPYTHONVERSION=3 allows unauthenticated attackers to authenticate using default credentials...
Number withdrawn
ROS2 Foxy Fitzroy is an application of the ROS2 organization. This CVE number has been withdrawn...
PT-2024-14066 · Unknown · Ros2 Foxy Fitzroy
Name of the Vulnerable Software and Affected Versions: ROS2 Foxy Fitzroy version 2 Description: A buffer overflow issue exists due to improper handling of arrays or strings, allowing attackers to run arbitrary code or cause a denial of service. Recommendations: For ROS2 Foxy Fitzroy version 2, at...