CVE-2024-11166 Traffic Alert and Collision Avoidance System (TCAS) II has an External Control of System or Configuration Setting vulnerability

For TCAS II systems using transponders compliant with MOPS earlier than RTCA DO-181F, an attacker can impersonate a ground station and issue a Comm-A Identity Request. This action can set the Sensitivity Level Control SLC to the lowest setting and disable the Resolution Advisory RA, leading to a...

Xxe

External Control of System or Configuration Setting in GitHub repository instantsoft/icms2 prior to 2.16.1-git...