CVE-2024-44852

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 6, 2024
Updated: Dec 17, 2024
CWE ID 763

Summary

CVE-2024-44852 is a newly disclosed vulnerability impacting Open Robotics' Robotic Operating System 2 (ROS2) navigation2 package, specifically version humble. This issue is caused by a segmentation violation within the theta\_star::ThetaStar::isUnsafeToPlan() component. An attacker who successfully exploits this vulnerability could cause the robot to behave unpredictably or even crash, potentially leading to safety risks or operational disruptions. It is recommended that users of this package upgrade to a patched version as soon as possible to mitigate the risk of this issue.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Openrobotics Robot Operating System

Affected Vendors

  • Open Robotics