CVE-2023-51197

Name of the Vulnerable Software and Affected Versions ROS2 (Robot Operating System 2) Foxy Fitzroy

Description An issue was discovered in shell command execution in ROS2, allowing an attacker to run arbitrary commands and cause other impacts. The issue is related to the ROS VERSION=2 and ROS PYTHON VERSION=3.

Recommendations For ROS2 Foxy Fitzroy, consider restricting access to shell command execution until a patch is available. As a temporary workaround, consider disabling the vulnerable shell command execution functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.