An unauthorized access vulnerability has been discovered in ROS2 Foxy Fitzroy versions where ROS_VERSION is 2 and ROS_PYTHON_VERSION is 3. This vulnerability could potentially allow a malicious user to gain unauthorized access to multiple ROS2 nodes remotely. Unauthorized access to these nodes could result in compromised system integrity, the execution of arbitrary commands, and disclosure of sensitive information. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability.
References
Configurations
History
01 May 2024, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
01 May 2024, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
01 May 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
17 Apr 2024, 02:15
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) An unauthorized access vulnerability has been discovered in ROS2 Foxy Fitzroy versions where ROS_VERSION is 2 and ROS_PYTHON_VERSION is 3. This vulnerability could potentially allow a malicious user to gain unauthorized access to multiple ROS2 nodes remotely. Unauthorized access to these nodes could result in compromised system integrity, the execution of arbitrary commands, and disclosure of sensitive information. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. |
06 Jul 2023, 17:33
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo | |
CPE | cpe:2.3:a:openrobotics:robot_operating_system:2:foxy:*:*:*:*:*:* | |
First Time |
Openrobotics
Openrobotics robot Operating System |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
References | (MISC) https://github.com/16yashpatel/CVE-2023-33567 - Third Party Advisory |
27 Jun 2023, 18:34
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-27 18:15
Updated : 2024-05-01 19:15
NVD link : CVE-2023-33567
Mitre link : CVE-2023-33567
CVE.ORG link : CVE-2023-33567
JSON object : View
Products Affected
openrobotics
- robot_operating_system
CWE