Denial of Service due to loss of information in DroneScout ds230 Remote ID receiver from BlueMark Innovations

Vulnerability

The DroneScout ds230 Remote ID receiver (firmware versions 20211210-1627 through 20230329-1042) contains an information loss vulnerability [2]. The adjacent channel suppression algorithm is improperly bounded; an attacker can inject high-power spoofed Open Drone ID (ODID) messages on carefully selected channels, causing the receiver to drop legitimate Remote ID (RID) information and instead generate JSON-encoded MQTT messages containing crafted RID data [1][2].

Exploitation

The attacker must be within radio range of the victim DroneScout ds230 (adjacent network proximity) and have the ability to transmit high-power ODID messages on the same frequency band [2]. No authentication or user interaction is required. By selecting specific channels and sending spoofed ODID frames, the receiver's suppression algorithm is triggered, discarding real RID detections in favor of the injected data [1].

Impact

Successful exploitation results in the DroneScout ds230 sending falsified Remote ID information to the MQTT broker [2]. This causes a complete loss of real drone telemetry for the system integrator operating the MQTT infrastructure, effectively blinding drone tracking capabilities. The integrity of the RID data stream is compromised, but confidentiality and availability are not directly affected [2].

Mitigation

BlueMark Innovations has released firmware versions newer than 20230329-1042 that fix the adjacent channel suppression issue, as indicated in the firmware history [1]. The latest available version listed is 20260427-1257. Users should update to a patched firmware build as soon as possible. No workarounds are documented. The CVE is not listed on the CISA KEV catalog.