VYPR

sros2

by ROS

CVEs (2)

  • CVE-2023-24010HigJan 9, 2025
    risk 0.53cvss 8.2epss 0.00

    An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS#7 certificate’s validation. This…

  • CVE-2019-19625Dec 6, 2019
    risk 0.00cvss epss 0.01

    SROS 2 0.8.1 (which provides the tools that generate and distribute keys for Robot Operating System 2 and uses the underlying security plugins of DDS from ROS 2) leaks node information due to a leaky default configuration as indicated in the policy/defaults/dds/governance.xml…