PT-2024-14067 · Ros2 · Ros2
Name of the Vulnerable Software and Affected Versions: ROS2 Foxy Fitzroy version 2 Description: An issue in the default configurations of ROS2 allows unauthenticated attackers to authenticate using default credentials. Recommendations: For ROS2 Foxy Fitzroy version 2, change the default credentia...
Design/Logic Flaw
An issue in the permission and access control components within ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION=3 allows attackers to escalate privileges...
Deserialization of untrusted data
Insecure deserialization in ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION=3 allows attackers to execute arbitrary code via a crafted input...
Command injection
An issue discovered in shell command execution in ROS2 Robot Operating System 2 Foxy Fitzroy, with ROS_VERSION=2 and ROS_PYTHON_VERSION=3, allows an attacker to run arbitrary commands and cause other impacts...
Command injection
OS command injection vulnerability in command processing or system call components in ROS2 Robot Operating System 2 Foxy Fitzroy, with ROS_VERSION=2 and ROS_PYTHON_VERSION=3, allows attackers to run arbitrary commands...
Number withdrawn
ROS2 Foxy Fitzroy is an application of the ROS2 organization. This CVE number has been withdrawn...
PT-2024-14064 · Ros2 · Ros2
Name of the Vulnerable Software and Affected Versions: ROS2 Robot Operating System 2 Foxy Fitzroy Description: An issue was discovered in shell command execution in ROS2, allowing an attacker to run arbitrary commands and cause other impacts. The issue is related to the ROS_VERSION=2 and ROS_PYTH...
CVE-2023-51202
CVE-2023-51202 is associated with an OS command injection in ROS 2, specifically in ROS2 Foxy Fitzroy. The vulnerability affects command processing/system call components with ROS_VERSION=2 and ROS_PYTHON_VERSION=3, potentially allowing an attacker to run arbitrary commands. Documents from PRION ...
CVE-2023-51204
CVE-2023-51204 was withdrawn (CNA) and is not an active vulnerability entry. Connected sources describe a separate vulnerability: insecure deserialization in ROS2 Foxy Fitzroy (ROS_VERSION=2; ROS_PYTHON_VERSION=3) that could allow arbitrary code execution via crafted i...
CVE-2023-51198
CVE-2023-51198 is described in the connected PRION document as a design/logic flaw in ROS2 Foxy Fitzroy (ROS2, Python 3) where a permission and access-control component weakness enables privilege escalation. The root cause is stated as an access-control issue that could allow attackers to gain hi...
PT-2024-14069 · Ros2 · Ros2
Name of the Vulnerable Software and Affected Versions: ROS2 Robot Operating System 2 versions Foxy Fitzroy Description: The issue is an OS command injection vulnerability in command processing or system call components. This allows attackers to run arbitrary commands. The ROS VERSION is 2 and ROS...
Number withdrawn
ROS2 Foxy Fitzroy is an application of the ROS2 organization. This CVE number has been withdrawn...
PT-2024-14070 · Unknown · Ros2 Foxy Fitzroy
Name of the Vulnerable Software and Affected Versions: ROS2 Foxy Fitzroy versions 2 Description: Insecure deserialization in ROS2 allows attackers to execute arbitrary code via a crafted input. The issue affects ROS2 Foxy Fitzroy with ROS_VERSION=2 and ROS_PYTHON_VERSION=3. Recommendations: For...
CVE-2023-51197
An issue in ROS2 Foxy Fitzroy allows command injection through shell command execution when ROS_VERSION=2 and ROS_PYTHON_VERSION=3. Root cause: vulnerable shell command pathway in ROS2. Impact: arbitrary commands and potential further effects as described. No exploit details provided in the docum...
Design/Logic Flaw
An Arbitrary File Upload vulnerability in ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION=3 allows attackers to run arbitrary code and cause other impacts via upload of crafted file...
Buffer overflow
Buffer Overflow vulnerability in ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION=3 allows attackers to run arbitrary code or cause a denial of service via improper handling of arrays or strings...
Design/Logic Flaw
Cleartext Transmission issue in ROS2 Robot Operating System 2 Foxy Fitzroy, with ROS_VERSION=2 and ROS_PYTHON_VERSION=3, allows attackers to access sensitive information via a man-in-the-middle attack...
Default credentials
An issue in the default configurations of ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION=3 allows unauthenticated attackers to authenticate using default credentials...
CVE-2023-51199
The CVE-2023-51199 entry is withdrawn (DO NOT USE candidate). Connected docs describe a real vulnerability: in ROS2 Foxy Fitzroy (ROS_VERSION=2, ROS_PYTHON_VERSION=3) there is a Buffer Overflow caused by improper handling of arrays or strings, enabling arbitrary code execution or d...
CVE-2023-51208
CVE-2023-51208 is rejected/not used; the CNA withdrew this candidate.