CVE-2025-5640
BaseFortify
Publication date: 2025-06-05
Last updated on: 2025-06-05
Assigner: VulDB
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-5640 is a stack-based buffer overflow vulnerability in PX4 Autopilot version 1.12.3. It occurs in the function MavlinkReceiver::handle_message_trajectory_representation_waypoints within the file mavlink_receiver.cpp. This function processes TRAJECTORY_REPRESENTATION_WAYPOINTS messages received via the MAVLink protocol by decoding their contents into a stack-allocated buffer. However, the buffer is too small to hold the entire message data structure, which leads to a stack buffer overflow during decoding. This can cause memory corruption and system crashes. The vulnerability requires local access to exploit and has been publicly disclosed with proof-of-concept exploits available. [1, 2, 3]
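The answer above describes the bug class rather than a specific code path: a decoder copies a received message into a stack buffer using a length the sender controls, and nothing checks that length against the buffer. The following is an added example, not code from the page, from PX4 or from the MAVLink project. The message layout, field names, `WP_COUNT` and `WP_PAYLOAD_LEN` are constructed for illustration and do not match the real TRAJECTORY_REPRESENTATION_WAYPOINTS definition; the design choice of rejecting a declared length longer than the message while zero-filling a shorter one is this example's, not the project's.

```c
/* Added example, not PX4 or MAVLink project code. The message layout, field
 * names and WP_COUNT below are constructed for illustration and do not match
 * the real TRAJECTORY_REPRESENTATION_WAYPOINTS definition. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define WP_COUNT 5                                  /* constructed */
#define WP_PAYLOAD_LEN (8 + 3 * 4 * WP_COUNT + 1)   /* 69 bytes on the wire */

/* Decoded, host-order representation of the constructed message. */
typedef struct {
    uint64_t time_usec;
    float    pos_x[WP_COUNT];
    float    pos_y[WP_COUNT];
    float    pos_z[WP_COUNT];
    uint8_t  valid_points;
} waypoints_msg_t;

/* A received frame as the receiver sees it: the sender's declared payload
 * length and the payload bytes. The length is untrusted input. */
typedef struct {
    uint8_t        len;
    const uint8_t *payload;
} frame_t;

static uint64_t rd_u64le(const uint8_t *p)
{
    uint64_t v = 0;
    for (int i = 7; i >= 0; i--) v = (v << 8) | p[i];
    return v;
}

static float rd_f32le(const uint8_t *p)
{
    uint32_t v = (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
                 ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
    float f;
    memcpy(&f, &v, sizeof f);
    return f;
}

/* Bounded decode. Returns 0 on success and -1 when the declared length is
 * larger than the message; a copy driven by that length is exactly what
 * would write past a stack buffer sized to the message. A shorter payload
 * is accepted and its missing tail is treated as zero. */
int decode_waypoints(const frame_t *f, waypoints_msg_t *out)
{
    uint8_t buf[WP_PAYLOAD_LEN];   /* stack buffer sized to the message */
    size_t off = 0;

    if (f == NULL || out == NULL || f->payload == NULL) return -1;
    if (f->len > WP_PAYLOAD_LEN) return -1;   /* the check that matters */

    memset(buf, 0, sizeof buf);
    memcpy(buf, f->payload, f->len);          /* bounded by the check above */

    out->time_usec = rd_u64le(buf + off); off += 8;
    for (int i = 0; i < WP_COUNT; i++) { out->pos_x[i] = rd_f32le(buf + off); off += 4; }
    for (int i = 0; i < WP_COUNT; i++) { out->pos_y[i] = rd_f32le(buf + off); off += 4; }
    for (int i = 0; i < WP_COUNT; i++) { out->pos_z[i] = rd_f32le(buf + off); off += 4; }
    out->valid_points = buf[off];
    return 0;
}

/* Constructed sample payload (not captured traffic): time_usec = 1234,
 * pos_x[i] = i, pos_y and pos_z zero, valid_points = 3. Returns the number
 * of bytes written, or 0 if dst is too small. */
size_t build_sample_payload(uint8_t *dst, size_t cap)
{
    if (cap < WP_PAYLOAD_LEN) return 0;
    memset(dst, 0, WP_PAYLOAD_LEN);
    uint64_t t = 1234;
    for (int i = 0; i < 8; i++) dst[i] = (uint8_t)(t >> (8 * i));
    for (int i = 0; i < WP_COUNT; i++) {
        float x = (float)i;
        uint32_t v;
        memcpy(&v, &x, sizeof v);
        for (int b = 0; b < 4; b++) dst[8 + 4 * i + b] = (uint8_t)(v >> (8 * b));
    }
    dst[WP_PAYLOAD_LEN - 1] = 3;
    return WP_PAYLOAD_LEN;
}

int main(void)
{
    uint8_t payload[WP_PAYLOAD_LEN];
    waypoints_msg_t msg;
    size_t n = build_sample_payload(payload, sizeof payload);

    frame_t ok = { (uint8_t)n, payload };
    int rc = decode_waypoints(&ok, &msg);
    printf("well-formed frame: rc=%d time=%llu x[2]=%.1f valid=%u\n",
           rc, (unsigned long long)msg.time_usec, msg.pos_x[2], msg.valid_points);

    /* Declared length larger than the message: rejected before any copy. */
    frame_t oversized = { 200, payload };
    printf("oversized frame:   rc=%d\n", decode_waypoints(&oversized, &msg));
    return 0;
}
```

The point a reviewer looks for is the single comparison of the declared length against `WP_PAYLOAD_LEN` before the copy: with it, the stack buffer can never be written past its end regardless of what the sender declares; without it, the overflow the answer describes follows directly. Counting rejected frames is also a cheap detection signal for malformed or hostile traffic on the link.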
How can this vulnerability impact me?
This vulnerability can impact system availability by causing crashes or unpredictable behavior due to memory corruption from the stack buffer overflow. Since it requires local access, an attacker with limited privileges could exploit it to disrupt the PX4 Autopilot system, potentially leading to denial of service or system instability. [3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for crashes or abnormal behavior in the PX4 Autopilot software, especially when handling MAVLink TRAJECTORY_REPRESENTATION_WAYPOINTS messages. Detection can involve running the PX4 simulator (e.g., jmavsim) and sending crafted MAVLink packets that trigger the overflow to observe if the system crashes. Specific commands are not provided in the resources, but testing with MAVLink message injection tools targeting the trajectory waypoint messages may help identify the issue. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting local access to the PX4 Autopilot system to prevent exploitation, avoiding the use of vulnerable PX4 version 1.12.3, and considering replacing or updating the affected component if a fixed version becomes available. Since no known countermeasures or patches are currently identified, monitoring for updates and limiting exposure to crafted MAVLink messages is advised. [3]