Lucene search
K

7 matches found

osv
osv
added 2025/01/09 3:15 p.m.8 views

CVE-2023-24010

An attacker can arbitrarily craft malicious DDS Participants or ROS 2 Nodes with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS7 certificate’s validation. This is caused by a...

8.2CVSS6.7AI score
Exploits0References2
nvd
nvd
added 2025/01/09 3:15 p.m.19 views

CVE-2023-24010

An attacker can arbitrarily craft malicious DDS Participants or ROS 2 Nodes with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS7 certificate’s validation. This is caused by a...

8.2CVSS0.00332EPSS
Exploits0References2
circl
circl
added 2025/01/09 2:40 p.m.17 views

CVE-2023-24010

creationtimestamp| type| source ---|---|--- 2025-01-09 14:40:11+00:00| seen| https://infosec.exchange/users/cve/statuses/113798913106504782 2025-01-09 15:15:40+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfcxtqtlio25 2025-01-09 15:38:35+00:00| seen|...

8.2CVSS5.7AI score0.00332EPSS
Exploits0References5
debiancve
debiancve
added 2025/01/09 2:36 p.m.20 views

CVE-2023-24010

An attacker can arbitrarily craft malicious DDS Participants or ROS 2 Nodes with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS7 certificate’s validation. This is caused by a...

8.2CVSS5.4AI score0.00332EPSS
Exploits0
cve
cve
added 2025/01/09 2:36 p.m.79 views

CVE-2023-24010

CVE-2023-24010 describes an Achilles’ heel in some DDS vendor configurations: an attacker can craft malicious DDS Participants or ROS 2 Nodes with valid certificates to take control of a secure DDS databus. The root cause is a non-compliant verification of permission documents, specifically an im...

8.2CVSS8.1AI score0.00332EPSS
Exploits0References2
cvelist
cvelist
added 2025/01/09 2:36 p.m.30 views

CVE-2023-24010 Data Distribution Service (DDS) Chain of Trust (CoT) violation in Fast DDS

An attacker can arbitrarily craft malicious DDS Participants or ROS 2 Nodes with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS7 certificate’s validation. This is caused by a...

8.2CVSS0.00332EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2025/01/09 2:36 p.m.9 views

CVE-2023-24010 Data Distribution Service (DDS) Chain of Trust (CoT) violation in Fast DDS

An attacker can arbitrarily craft malicious DDS Participants or ROS 2 Nodes with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS7 certificate’s validation. This is caused by a...

8.2CVSS8.1AI score0.00332EPSS
Exploits0References2
Rows per page
Query Builder