DJI Mavic Spark/Mavic Air/Mavic Mini Telemetry Channel hard-coded key

A weakness has been identified in DJI Mavic Spark, Mavic Air and Mavic Mini 01.00.0500. Affected is an unknown function of the component Telemetry Channel. Executing manipulation can lead to use of hard-coded cryptographic key . The attacker needs to be present on the local network. A high complexity level is associated with this attack. The exploitability is told to be difficult. The exploit has been made available to the public and could be exploited. This vulnerability only affects products that are no longer supported by the maintainer.

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

使用硬编码的密码学密钥

DJI Mavic 安全漏洞

DJI Mavic是中国大疆（DJI）公司的一系列无人机。 DJI Mavic存在安全漏洞，该漏洞源于组件Telemetry Channel使用硬编码密钥，可能导致本地网络攻击。

N/A

N/A