3 matches found
CVE-2025-41108
The CVE describes Ghost Robotics Vision 60 (v0.27.2) as vulnerable due to a lack of encryption and authentication in its MAVLink-based communication protocol. This enables an external attacker to impersonate the control station and issue arbitrary commands to the robot, potentially gaining unauth...
CVE-2025-41109
CVE-2025-41109 affects Ghost Robotics Vision 60 (v0.27.2). The issue arises from lack of authentication for physical interfaces (three RJ45s and a USB-C port). The device’s internal router automatically assigns IPs to any physically connected equipment, enabling an attacker who controls a rogue W...
CVE-2025-41110
CVE-2025-41110 affects Ghost Robotics Vision 60, specifically APK v0.27.2. The issue arises from an authorization flaw in the ROS 2 stack, permitting connections to the robot’s WiFi and SSH without authentication. Consequences stated across sources include data exposure and full control of the ro...