Search criteria
ⓘ
Use full-text search for keyword queries.
Combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by dates instead of relevance.
2 vulnerabilities found for Autopilot by PX4
CVE-2026-1579 (GCVE-0-2026-1579)
Vulnerability from nvd – Published: 2026-03-31 20:20 – Updated: 2026-03-31 20:36
VLAI?
Title
PX4 Autopilot Missing authentication for critical function
Summary
The MAVLink communication protocol does not require cryptographic
authentication by default. When MAVLink 2.0 message signing is not
enabled, any message -- including SERIAL_CONTROL, which provides
interactive shell access -- can be sent by an unauthenticated party with
access to the MAVLink interface. PX4 provides MAVLink 2.0 message
signing as the cryptographic authentication mechanism for all MAVLink
communication. When signing is enabled, unsigned messages are rejected
at the protocol level.
Severity ?
9.8 (Critical)
CWE
Assigner
References
Credits
Dolev Aviv of Cyviation reported this vulnerability to CISA.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1579",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-31T20:35:56.040324Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-31T20:36:09.044Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Autopilot",
"vendor": "PX4",
"versions": [
{
"status": "affected",
"version": "v1.16.0 SITL"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dolev Aviv of Cyviation reported this vulnerability to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The MAVLink communication protocol does not require cryptographic \nauthentication by default. When MAVLink 2.0 message signing is not \nenabled, any message -- including SERIAL_CONTROL, which provides \ninteractive shell access -- can be sent by an unauthenticated party with\n access to the MAVLink interface. PX4 provides MAVLink 2.0 message \nsigning as the cryptographic authentication mechanism for all MAVLink \ncommunication. When signing is enabled, unsigned messages are rejected \nat the protocol level."
}
],
"value": "The MAVLink communication protocol does not require cryptographic \nauthentication by default. When MAVLink 2.0 message signing is not \nenabled, any message -- including SERIAL_CONTROL, which provides \ninteractive shell access -- can be sent by an unauthenticated party with\n access to the MAVLink interface. PX4 provides MAVLink 2.0 message \nsigning as the cryptographic authentication mechanism for all MAVLink \ncommunication. When signing is enabled, unsigned messages are rejected \nat the protocol level."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-31T20:20:06.506Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://docs.px4.io/main/en/mavlink/security_hardening"
},
{
"url": "https://docs.px4.io/main/en/mavlink/message_signing"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-090-02"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-090-02.json"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003ePX4 recommends enabling MAVLink 2.0 message signing as the \nauthentication mechanism for all non\u2011USB communication links. PX4 has \npublished a security hardening guide for integrators and manufacturers \nat\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://docs.px4.io/main/en/mavlink/security_hardening\" title=\"(opens in a new window)\"\u003ehttps://docs.px4.io/main/en/mavlink/security_hardening\u003c/a\u003e\u003c/p\u003e\u003cp\u003e\u003cbr\u003eMessage signing configuration documentation can be found at\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://docs.px4.io/main/en/mavlink/message_signing\" title=\"(opens in a new window)\"\u003ehttps://docs.px4.io/main/en/mavlink/message_signing\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "PX4 recommends enabling MAVLink 2.0 message signing as the \nauthentication mechanism for all non\u2011USB communication links. PX4 has \npublished a security hardening guide for integrators and manufacturers \nat\u00a0\n https://docs.px4.io/main/en/mavlink/security_hardening \n\n\nMessage signing configuration documentation can be found at\u00a0\n https://docs.px4.io/main/en/mavlink/message_signing"
}
],
"source": {
"advisory": "ICSA-26-090-02",
"discovery": "EXTERNAL"
},
"title": "PX4 Autopilot Missing authentication for critical function",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-1579",
"datePublished": "2026-03-31T20:20:06.506Z",
"dateReserved": "2026-01-28T22:27:22.970Z",
"dateUpdated": "2026-03-31T20:36:09.044Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1579 (GCVE-0-2026-1579)
Vulnerability from cvelistv5 – Published: 2026-03-31 20:20 – Updated: 2026-03-31 20:36
VLAI?
Title
PX4 Autopilot Missing authentication for critical function
Summary
The MAVLink communication protocol does not require cryptographic
authentication by default. When MAVLink 2.0 message signing is not
enabled, any message -- including SERIAL_CONTROL, which provides
interactive shell access -- can be sent by an unauthenticated party with
access to the MAVLink interface. PX4 provides MAVLink 2.0 message
signing as the cryptographic authentication mechanism for all MAVLink
communication. When signing is enabled, unsigned messages are rejected
at the protocol level.
Severity ?
9.8 (Critical)
CWE
Assigner
References
Credits
Dolev Aviv of Cyviation reported this vulnerability to CISA.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1579",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-31T20:35:56.040324Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-31T20:36:09.044Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Autopilot",
"vendor": "PX4",
"versions": [
{
"status": "affected",
"version": "v1.16.0 SITL"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dolev Aviv of Cyviation reported this vulnerability to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The MAVLink communication protocol does not require cryptographic \nauthentication by default. When MAVLink 2.0 message signing is not \nenabled, any message -- including SERIAL_CONTROL, which provides \ninteractive shell access -- can be sent by an unauthenticated party with\n access to the MAVLink interface. PX4 provides MAVLink 2.0 message \nsigning as the cryptographic authentication mechanism for all MAVLink \ncommunication. When signing is enabled, unsigned messages are rejected \nat the protocol level."
}
],
"value": "The MAVLink communication protocol does not require cryptographic \nauthentication by default. When MAVLink 2.0 message signing is not \nenabled, any message -- including SERIAL_CONTROL, which provides \ninteractive shell access -- can be sent by an unauthenticated party with\n access to the MAVLink interface. PX4 provides MAVLink 2.0 message \nsigning as the cryptographic authentication mechanism for all MAVLink \ncommunication. When signing is enabled, unsigned messages are rejected \nat the protocol level."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-31T20:20:06.506Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://docs.px4.io/main/en/mavlink/security_hardening"
},
{
"url": "https://docs.px4.io/main/en/mavlink/message_signing"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-090-02"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-090-02.json"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003ePX4 recommends enabling MAVLink 2.0 message signing as the \nauthentication mechanism for all non\u2011USB communication links. PX4 has \npublished a security hardening guide for integrators and manufacturers \nat\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://docs.px4.io/main/en/mavlink/security_hardening\" title=\"(opens in a new window)\"\u003ehttps://docs.px4.io/main/en/mavlink/security_hardening\u003c/a\u003e\u003c/p\u003e\u003cp\u003e\u003cbr\u003eMessage signing configuration documentation can be found at\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://docs.px4.io/main/en/mavlink/message_signing\" title=\"(opens in a new window)\"\u003ehttps://docs.px4.io/main/en/mavlink/message_signing\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "PX4 recommends enabling MAVLink 2.0 message signing as the \nauthentication mechanism for all non\u2011USB communication links. PX4 has \npublished a security hardening guide for integrators and manufacturers \nat\u00a0\n https://docs.px4.io/main/en/mavlink/security_hardening \n\n\nMessage signing configuration documentation can be found at\u00a0\n https://docs.px4.io/main/en/mavlink/message_signing"
}
],
"source": {
"advisory": "ICSA-26-090-02",
"discovery": "EXTERNAL"
},
"title": "PX4 Autopilot Missing authentication for critical function",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-1579",
"datePublished": "2026-03-31T20:20:06.506Z",
"dateReserved": "2026-01-28T22:27:22.970Z",
"dateUpdated": "2026-03-31T20:36:09.044Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}