This vulnerability applies to the Micro Air Vehicle Link (MAVLink) protocol and allows a remote attacker to gain access to sensitive information provided it has access to the communication medium. MAVLink is a header-based protocol that does not perform encryption to improve transfer (and reception speed) and efficiency by design. The increasing popularity of the protocol (used accross different autopilots) has led to its use in wired and wireless mediums through insecure communication channels exposing sensitive information to a remote attacker with ability to intercept network traffic.
References
Link | Resource |
---|---|
https://docs.google.com/document/d/1XtbD0ORNkhZ8eKrsbSIZNLyg9sFRXMXbsR2mp37KbIg/edit | Technical Description Vendor Advisory |
https://docs.google.com/document/d/1XtbD0ORNkhZ8eKrsbSIZNLyg9sFRXMXbsR2mp37KbIg/edit | Technical Description Vendor Advisory |
Configurations
History
21 Nov 2024, 04:55
Type | Values Removed | Values Added |
---|---|---|
References | () https://docs.google.com/document/d/1XtbD0ORNkhZ8eKrsbSIZNLyg9sFRXMXbsR2mp37KbIg/edit - Technical Description, Vendor Advisory |
Information
Published : 2020-07-03 15:15
Updated : 2024-11-21 04:55
NVD link : CVE-2020-10281
Mitre link : CVE-2020-10281
CVE.ORG link : CVE-2020-10281
JSON object : View
Products Affected
dronecode
- micro_air_vehicle_link
CWE
CWE-319
Cleartext Transmission of Sensitive Information