Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the executor_thread_.
An attacker can deliver a crafted script directed at the executor_thread_ thread in the navigation2 package of ROS2. Improper permission configuration (CWE-281) allows execution of this script without required authentication or any user interaction. The vulnerability is network-accessible with low attack complexity, making it exceptionally easy to exploit.
An attacker can remotely execute arbitrary code on the target system, leading to complete loss of confidentiality, integrity, and availability — including potential takeover of control over a robotic system.
Patches available from the vendor should be applied according to the references — pull request no. 4385 is available in the ros-navigation/navigation2 repository on GitHub. It is recommended to monitor releases and update the navigation2 package to a version containing the fix.
Open Robotics Robot Operating System 2 (ROS2), navigation2 package, humble version
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HOpenrobotics Robot Operating System
APPOpenrobotics2
Related vulnerabilities
Use-after-free w ROS2 Nav2 humble — zdalny exploit przez nav2_amcl
Heap overflow w procesie nav2_amcl systemu ROS2 Nav2
Use-after-free w ROS2 Nav2 — zdalny atak przez parametr /amcl z_rand
Use-after-free w ROS2 Nav2 humble poprzez proces nav2_amcl
Use-after-free w ROS2 Nav2 — zdalny atak przez zmianę parametru AMCL