CVE-2020-10281

This vulnerability applies to the Micro Air Vehicle Link (MAVLink) protocol and allows a remote attacker to gain access to sensitive information provided it has access to the communication medium. MAVLink is a header-based protocol that does not perform encryption to improve transfer (and reception speed) and efficiency by design. The increasing popularity of the protocol (used accross different autopilots) has led to its use in wired and wireless mediums through insecure communication channels exposing sensitive information to a remote attacker with ability to intercept network traffic.
Configurations

Configuration 1 (hide)

cpe:2.3:a:dronecode:micro_air_vehicle_link:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:55

Type Values Removed Values Added
References () https://docs.google.com/document/d/1XtbD0ORNkhZ8eKrsbSIZNLyg9sFRXMXbsR2mp37KbIg/edit - Technical Description, Vendor Advisory () https://docs.google.com/document/d/1XtbD0ORNkhZ8eKrsbSIZNLyg9sFRXMXbsR2mp37KbIg/edit - Technical Description, Vendor Advisory

Information

Published : 2020-07-03 15:15

Updated : 2024-11-21 04:55


NVD link : CVE-2020-10281

Mitre link : CVE-2020-10281

CVE.ORG link : CVE-2020-10281


JSON object : View

Products Affected

dronecode

  • micro_air_vehicle_link
CWE
CWE-319

Cleartext Transmission of Sensitive Information