Vulnerabilities > CVE-2023-33565 - Unspecified vulnerability in Openrobotics Robot Operating System 2

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

openrobotics

NVD

Published: 2023-06-23

Updated: 2024-05-17

Summary

ROS2 (Robot Operating System 2) Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION=3 are vulnerable to Denial-of-Service (DoS) attacks. A malicious user potentially exploited the vulnerability remotely and crashed the ROS2 nodes. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Openrobotics Openrobotics Robot Operating System 2	1

References

https://dl.acm.org/doi/abs/10.1145/3573910.3573912
https://github.com/16yashpatel/CVE-2023-33565
http://www.openwall.com/lists/oss-security/2024/04/23/4
http://www.openwall.com/lists/oss-security/2024/04/23/2
http://www.openwall.com/lists/oss-security/2024/04/23/3
http://www.openwall.com/lists/oss-security/2024/04/23/5