7 matches found
CVE-2023-24010
An attacker can arbitrarily craft malicious DDS Participants or ROS 2 Nodes with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS7 certificate’s validation. This is caused by a...
CVE-2023-24010
An attacker can arbitrarily craft malicious DDS Participants or ROS 2 Nodes with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS7 certificate’s validation. This is caused by a...
CVE-2023-24010
creationtimestamp| type| source ---|---|--- 2025-01-09 14:40:11+00:00| seen| https://infosec.exchange/users/cve/statuses/113798913106504782 2025-01-09 15:15:40+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfcxtqtlio25 2025-01-09 15:38:35+00:00| seen|...
CVE-2023-24010
An attacker can arbitrarily craft malicious DDS Participants or ROS 2 Nodes with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS7 certificate’s validation. This is caused by a...
CVE-2023-24010
CVE-2023-24010 describes an Achilles’ heel in some DDS vendor configurations: an attacker can craft malicious DDS Participants or ROS 2 Nodes with valid certificates to take control of a secure DDS databus. The root cause is a non-compliant verification of permission documents, specifically an im...
CVE-2023-24010 Data Distribution Service (DDS) Chain of Trust (CoT) violation in Fast DDS
An attacker can arbitrarily craft malicious DDS Participants or ROS 2 Nodes with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS7 certificate’s validation. This is caused by a...
CVE-2023-24010 Data Distribution Service (DDS) Chain of Trust (CoT) violation in Fast DDS
An attacker can arbitrarily craft malicious DDS Participants or ROS 2 Nodes with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS7 certificate’s validation. This is caused by a...