CVE-2024-30963

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Dec 5, 2024
Updated: Dec 6, 2024
CWE ID 94

Summary

CVE-2024-30963 is a buffer overflow vulnerability discovered in Open Robotics Robotic Operating System 2 (ROS2) components navigation2-ROS2-humble and navigation2-humble. This issue permits a local attacker to exploit the vulnerability by providing a crafted script, resulting in arbitrary code execution. The vulnerability poses a significant risk, as an attacker could potentially gain full control of the affected system. System administrators are strongly urged to update their ROS2 installations to the latest version to mitigate this threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share