CVE-2023-51204

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions ROS2 Foxy Fitzroy versions 2

Description Insecure deserialization in ROS2 allows attackers to execute arbitrary code via a crafted input. The issue affects ROS2 Foxy Fitzroy with ROS VERSION=2 and ROS PYTHON VERSION=3.

Recommendations For ROS2 Foxy Fitzroy version 2, consider disabling the deserialization functionality until a patch is available. Restrict access to crafted inputs to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2023-51204

Affected Products

Ros2 Foxy Fitzroy

CVE-2023-51204

Related Identifiers

Affected Products

References · 6