CVE-2024-33844 Information

Description

The ‘control’ in Parrot ANAFI USA firmware 1.10.4 does not check the MAV_MISSION_TYPE(0 1 2 255) which allows attacker to cut off the connection between a controller and the drone by sending MAVLink MISSION_COUNT command with a wrong MAV_MISSION_TYPE.

Reference

http://anafi.com http://nvd-cwe-other.com https://forum.developer.parrot.com/t/cve-2024-33844-bugs-in-anafi-thermal-usa-firmware/22501 https://forum.developer.parrot.com/t/cve-2024-33844-bugs-in-anafi-thermal-usa-firmware/22501/1