PT-2024-2604 · Dji · Dji Matrice M30+6
Diego Giubertoni · Published 2024-03-29 · Updated 2024-04-03 · CVE-2023-51455
CVSS v3.1: 6.8 (Medium)
Vector: AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
DJI Mavic 3 Pro versions prior to v01.01.0300
DJI Mavic 3 versions prior to v01.00.1200
DJI Mavic 3 Classic versions prior to v01.00.0500
DJI Mavic 3 Enterprise versions prior to v07.01.10.03
DJI Matrice 300 versions prior to v57.00.01.00
DJI Matrice M30 versions prior to v07.01.0022
DJI Mini 3 Pro versions prior to v01.00.0620
Description
The issue is related to an Improper Validation of Array Index in the on receive session packet ack function implemented in the libv2 sdk.so library. This could allow an attacker to corrupt a controlled memory location due to missing input validation, potentially leading to a memory information leak or arbitrary code execution. The vulnerability affects the v2 sdk service running on DJI drone devices on port 10000.
Recommendations
For DJI Mavic 3 Pro versions prior to v01.01.0300, update to version v01.01.0300 or later.
For DJI Mavic 3 versions prior to v01.00.1200, update to version v01.00.1200 or later.
For DJI Mavic 3 Classic versions prior to v01.00.0500, update to version v01.00.0500 or later.
For DJI Mavic 3 Enterprise versions prior to v07.01.10.03, update to version v07.01.10.03 or later.
For DJI Matrice 300 versions prior to v57.00.01.00, update to version v57.00.01.00 or later.
For DJI Matrice M30 versions prior to v07.01.0022, update to version v07.01.0022 or later.
For DJI Mini 3 Pro versions prior to v01.00.0620, update to version v01.00.0620 or later.
As a temporary workaround, consider disabling the on receive session packet ack function until a patch is available. Restrict access to the libv2 sdk.so library to minimize the risk of exploitation. Avoid using the v2 sdk service on port 10000 until the issue is resolved.
Fix
Improper Validation of Array Index
Weakness Enumeration
Related Identifiers
Affected Products
Dji Matrice 300
Dji Matrice M30
Dji Mavic 3
Dji Mavic 3 Classic
Dji Mavic 3 Enterprise
Dji Mavic 3 Pro
Dji Mini 3 Pro