CVE-2024-44856

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Dec 6, 2024
Updated: Dec 13, 2024
CWE ID 476

Summary

CVE-2024-44856 is a newly discovered vulnerability affecting Open Robotics Robotic Operating System 2 (ROS2) and specifically, the navigation2 package version humble. Hackers can exploit this vulnerability by triggering a NULL pointer dereference through the nav2_smac_planner() component. This issue may result in the system crashing or being taken over, creating potential risks for robotic applications that rely on this software. Users are strongly advised to update the affected package to a version that addresses this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Openrobotics Robot Operating System

Affected Vendors

  • Open Robotics