Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2_dwb_controller.
The flaw results from improper permission configuration (CWE-281) in the nav2_dwb_controller component, which is part of the ROS2 navigation2 stack. An attacker can deliver a specially crafted script that will be executed in the context of the motion controller process. The attack is possible remotely, without authentication and without any user interaction.
An attacker can gain full control of the system, obtaining the ability to read and modify data and disrupt service availability (complete C/I/A: High). In the case of robotic systems, this can also lead to unauthorized control of robot behavior.
Patches available from the vendor should be applied in accordance with references – monitor progress in the project repository (PR #4463 in the ros-navigation/navigation2 repository). Until the fix is implemented, network isolation of ROS2 nodes and restriction of access to system communication interfaces are recommended.
Open Robotics Robot Operating System 2 (ROS2) navigation2, humble version (nav2_dwb_controller)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HOpenrobotics Robot Operating System
APPOpenrobotics2
Related vulnerabilities
Use-after-free w ROS2 Nav2 humble — zdalny exploit przez nav2_amcl
Heap overflow w procesie nav2_amcl systemu ROS2 Nav2
Use-after-free w ROS2 Nav2 — zdalny atak przez parametr /amcl z_rand
Use-after-free w ROS2 Nav2 humble poprzez proces nav2_amcl
Use-after-free w ROS2 Nav2 — zdalny atak przez zmianę parametru AMCL