CVE-2023-51454

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Published Apr 2, 2024
CWE ID 787

Summary

CVE-2023-51454 is an Out-of-bounds Write vulnerability that affects DJI drone devices running the v2_sdk_service on port 10000. This vulnerability allows an attacker to overwrite a pointer in the process memory by exploiting an unsafe memory write operation in the libv2_sdk.so library used by the dji_vtwo_sdk binary. The affected drone models include Mavic 3 Pro, Mavic 3, Mavic 3 Classic, Mavic 3 Enterprise, Matrice 300, Matrice M30, and Mini 3 Pro. The potential dangers of this vulnerability include a memory information leak or arbitrary code execution. It is recommended to apply the necessary updates to mitigate this vulnerability.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-51454 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options