Entropy1110

**Name of the Vulnerable Software and Affected Versions** Parrot ANAFI USA firmware version 1.10.4 **Description** The issue concerns a lack of validation for the `MAV MISSION TYPE` in the Parrot ANAFI USA firmware, specifically for values 0, 1, 2, and 255. This allows an attacker to disrupt the connection between the controller and the drone by sending a `MAVLink MISSION COUNT` command with an incorrect `MAV MISSION TYPE`. This can be exploited via a local network. **Recommendations** For Parrot ANAFI USA firmware version 1.10.4, consider isolating drones from the network and analyzing traffic to minimize the risk of exploitation. As a temporary workaround, restrict access to the `MAVLink` component until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.