PT-2024-22905 · Ros2 · Ros2
Published
2024-03-21
·
Updated
2024-05-27
·
CVE-2024-29449
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions
ROS2 Humble Hawksbill versions 2
Description
An issue in ROS2 allows attackers to obtain sensitive information via man-in-the-middle attacks due to cleartext transmission of data across the ROS2 nodes' communication channels.
Recommendations
For ROS2 Humble Hawksbill version 2, consider implementing encryption for data transmission across ROS2 nodes to prevent cleartext data exposure. As a temporary workaround, restrict access to the ROS2 nodes' communication channels to minimize the risk of exploitation.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Ros2