Kukho ubuthathaka (CVE-2026-1579) obuchongiweyo kwiPX4, i-open-source autopilot stack ye-drones kunye nezithuthi ezizimeleyo, nto leyo evumela ukuba imiyalelo ye-shell engaqondakaliyo yenziwe kwisixhobo ngaphandle kokuqinisekiswa kwe-cryptographic xa ufikelela kwi-interface ye-MAVLink. Le ngxaki ilinganiswe njengebalulekileyo (9.8 kwi-10).
Ubungonakali bubangelwa yiprotocol ye-MAVLink engasebenzisi uqinisekiso lwe-cryptographic ngokuzenzekelayo, evumela nayiphi na imiyalezo ukuba ithunyelwe kumaqela angagunyaziswanga. Phakathi kwezinye izinto, umhlaseli angathumela umyalezo othi "SERIAL_CONTROL", ovumela ukufikelela ekusebenziseni ikhowudi kwishelufu yomyalelo esebenzisana nayo. Njengesisombululo, kuyacetyiswa ukuba kusebenze utyikityo lwedijithali kwimiyalezo ye-MAVLink kuzo zonke izitishi zonxibelelwano ngaphandle koqhagamshelo lwe-USB.
umthombo: opennet.ru
