CVE-2023-51455 - OpenCVE

Link	Resource
https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-51455/

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-51455", "assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c", "state": "PUBLISHED", "assignerShortName": "Nozomi", "dateReserved": "2023-12-19T15:38:30.829Z", "datePublished": "2024-04-02T10:31:01.115Z", "dateUpdated": "2024-04-02T10:31:01.115Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Mavic 3 Pro", "vendor": "DJI", "versions": [{"lessThan": "01.01.0300", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Mavic 3", "vendor": "DJI", "versions": [{"lessThan": "01.00.1200", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Mavic 3 Classic", "vendor": "DJI", "versions": [{"lessThan": "01.00.0500", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Mavic 3 Enterprise", "vendor": "DJI", "versions": [{"lessThan": "7.01.10.03", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Matrice 300", "vendor": "DJI ", "versions": [{"lessThan": "57.00.01.00", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Matrice M30", "vendor": "DJI", "versions": [{"lessThan": "07.01.0022", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Mini 3 Pro", "vendor": "DJI", "versions": [{"lessThan": "01.00.0620", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Diego Giubertoni of Nozomi Networks"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A Improper Validation of Array Index issue affecting the v2_sdk_service running on a set of DJI drone devices on the port 10000 could allow an attacker to corrupt a controlled memory location due to a missing input validation in the on_receive_session_packet_ack function implemented in the libv2_sdk.so library used by the dji_vtwo_sdk binary implementing the service, potentially leading to a memory information leak or to an arbitrary code execution. Affected models are Mavic 3 Pro until v01.01.0300, Mavic 3 until v01.00.1200, Mavic 3 Classic until v01.00.0500, Mavic 3 Enterprise until v07.01.10.03, Matrice 300 until v57.00.01.00, Matrice M30 until v07.01.0022 and Mini 3 Pro until v01.00.0620."}], "value": "A Improper Validation of Array Index issue affecting the v2_sdk_service running on a set of DJI drone devices on the port 10000 could allow an attacker to corrupt a controlled memory location due to a missing input validation in the on_receive_session_packet_ack function implemented in the libv2_sdk.so library used by the dji_vtwo_sdk binary implementing the service, potentially leading to a memory information leak or to an arbitrary code execution. Affected models are Mavic 3 Pro until v01.01.0300, Mavic 3 until v01.00.1200, Mavic 3 Classic until v01.00.0500, Mavic 3 Enterprise until v07.01.10.03, Matrice 300 until v57.00.01.00, Matrice M30 until v07.01.0022 and Mini 3 Pro until v01.00.0620."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-129", "description": "CWE-129 Improper Validation of Array Index", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c", "shortName": "Nozomi", "dateUpdated": "2024-04-02T10:31:01.115Z"}, "references": [{"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-51455/"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"descriptions": [{"lang": "en", "value": "A Improper Validation of Array Index issue affecting the v2_sdk_service running on a set of DJI drone devices on the port 10000 could allow an attacker to corrupt a controlled memory location due to a missing input validation in the on_receive_session_packet_ack function implemented in the libv2_sdk.so library used by the dji_vtwo_sdk binary implementing the service, potentially leading to a memory information leak or to an arbitrary code execution. Affected models are Mavic 3 Pro until v01.01.0300, Mavic 3 until v01.00.1200, Mavic 3 Classic until v01.00.0500, Mavic 3 Enterprise until v07.01.10.03, Matrice 300 until v57.00.01.00, Matrice M30 until v07.01.0022 and Mini 3 Pro until v01.00.0620."}, {"lang": "es", "value": "Un problema de validaci\u00f3n inadecuada del \u00edndice de matriz que afecta a v2_sdk_service que se ejecuta en un conjunto de dispositivos de drones DJI en el puerto 10000 podr\u00eda permitir que un atacante corrompa una ubicaci\u00f3n de memoria controlada debido a una validaci\u00f3n de entrada faltante en la funci\u00f3n on_receive_session_packet_ack implementada en la librer\u00eda libv2_sdk.so utilizada por el binario dji_vtwo_sdk que implementa el servicio, lo que podr\u00eda provocar una p\u00e9rdida de informaci\u00f3n de la memoria o la ejecuci\u00f3n de c\u00f3digo arbitrario. Los modelos afectados son Mavic 3 Pro hasta v01.01.0300, Mavic 3 hasta v01.00.1200, Mavic 3 Classic hasta v01.00.0500, Mavic 3 Enterprise hasta v07.01.10.03, Matrice 300 hasta v57.00.01.00, Matrice M30 hasta v07. 01.0022 y Mini 3 Pro hasta v01.00.0620."}], "id": "CVE-2023-51455", "lastModified": "2024-04-02T12:50:42.233", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 5.9, "source": "prodsec@nozominetworks.com", "type": "Secondary"}]}, "published": "2024-04-02T11:15:50.520", "references": [{"source": "prodsec@nozominetworks.com", "url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-51455/"}], "sourceIdentifier": "prodsec@nozominetworks.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-129"}], "source": "prodsec@nozominetworks.com", "type": "Secondary"}]}

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

JSON object

JSON object

JSON object