Kufooka (CVE-2026-1579) kwapezeka mu PX4, malo otseguka odziyimira pawokha a ma drone ndi magalimoto odziyimira pawokha, zomwe zimalola kuti malamulo oletsa kugwiritsa ntchito zipolopolo agwiritsidwe ntchito pa chipangizocho popanda kutsimikizira cryptographic akamagwiritsa ntchito mawonekedwe a MAVLink. Vutoli lawonedwa ngati lofunika kwambiri (9.8 mwa 10).
Kufooka kumeneku kumachitika chifukwa cha protocol ya MAVLink yosagwiritsa ntchito kutsimikizika kwa cryptographic mwachisawawa, zomwe zimalola mauthenga aliwonse kutumizidwa kwa anthu osaloledwa. Pakati pa zinthu zina, wowukira angatumize uthenga wa "SERIAL_CONTROL", womwe umapereka mwayi wogwiritsa ntchito ma code mu chipolopolo cha lamulo cholumikizirana. Monga njira yothetsera vutoli, tikukulimbikitsani kuti muyatse ma signature a digito a mauthenga a MAVLink pa njira zonse zolumikizirana kupatula ma USB.
Source: opennet.ru
