PT-2024-22898 · Ros2 · Ros2
Published
2024-03-25
·
Updated
2024-05-27
·
CVE-2024-29440
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions
ROS2 Humble Hawksbill versions where ROS VERSION is 2 and ROS PYTHON VERSION is 3
Description
An unauthorized access issue has been discovered, potentially allowing a malicious user to gain unauthorized access to multiple ROS2 nodes remotely. This could result in compromised system integrity, the execution of arbitrary commands, and disclosure of sensitive information.
Recommendations
For ROS2 Humble Hawksbill versions where ROS VERSION is 2 and ROS PYTHON VERSION is 3, consider restricting access to ROS2 nodes to minimize the risk of exploitation until a patch is available.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Ros2