RVD#3315: Cleartext transmission of sensitive information in MAVLink protocol version 1.0 and 2.0

This vulnerability applies to the Micro Air Vehicle Link (MAVLink) protocol and allows a remote attacker to gain access to sensitive information provided it has access to the communication medium. MAVLink is a header-based protocol that does not perform encryption to improve transfer (and reception speed) and efficiency by design. The increasing popularity of the protocol (used accross different autopilots) has led to its use in wired and wireless mediums through insecure communication channels exposing sensitive information to a remote attacker with ability to intercept network traffic.

N/A

敏感数据的明文传输

Micro Air Vehicle Link 安全漏洞

Micro Air Vehicle Link（MAVLink）是Dronecode项目的一款轻量级的消息传输协议，它主要用于地面控制终端（地面站）与无人机之间 (以及机载无人机组件之间) 的通信。 MAVLink中存在安全漏洞。远程攻击者可利用该漏洞访问敏感信息。

N/A

N/A