Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-5640

A vulnerability was found in PX4-Autopilot 1.12.3. It has been classified as problematic. This affects the function MavlinkReceiver::handle_message_trajectory_representation_waypoints of the file mavlink_receiver.cpp of the component TRAJECTORY_REPRESENTATION_WAYPOINTS Message Handler. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.

Published

2025-06-05T06:15:27.293

Last Modified

2025-06-05T20:12:23.777

Status

Awaiting Analysis

Source

[email protected]

Severity

CVSSv3.1: 3.3 (LOW)

CVSSv2 Vector

AV:L/AC:L/Au:S/C:N/I:N/A:P

Access Vector: LOCAL
Access Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

3.1

Impact Score

2.9

Weaknesses

Type: Secondary
CWE-119
CWE-121

Affected Vendors & Products

References

https://github.com/PX4/PX4-Autopilot/issues/24915 ([email protected])
https://github.com/PX4/PX4-Autopilot/issues/24915#issue-3091040552 ([email protected])
https://vuldb.com/?ctiid.311127 ([email protected])
https://vuldb.com/?id.311127 ([email protected])
https://vuldb.com/?submit.584889 ([email protected])