प्लेटफ़ॉर्म
python
घटक
roslaunch
A code injection vulnerability has been discovered in the Robot Operating System (ROS) 'roslaunch' command-line tool. This flaw, affecting ROS distributions Noetic Ninjemys and earlier, stems from the insecure use of the eval() function to process user-supplied parameters. Attackers can leverage this to execute arbitrary Python code, potentially compromising the entire ROS environment.
The impact of this vulnerability is significant. An attacker who can control the parameter values passed to roslaunch can inject and execute arbitrary Python code with the privileges of the roslaunch process. This could lead to complete system compromise, including data exfiltration, denial of service, and the execution of malicious commands. The ability to execute code within the ROS environment opens the door to targeting robotic systems and the data they process, potentially impacting industrial automation, research, and other applications reliant on ROS.
This vulnerability is publicly known and documented in CVE-2024-39835. While no active exploitation campaigns have been confirmed, the availability of the eval() function and the ease of crafting malicious parameters suggest a potential for exploitation. The vulnerability's presence in ROS, a widely used robotics framework, increases its potential impact. It is not currently listed on the CISA KEV catalog, but its severity warrants monitoring.
Robotics researchers and developers using ROS Noetic Ninjemys or earlier are at immediate risk. Industrial automation facilities relying on ROS-based systems are also vulnerable. Specifically, deployments that expose ROS launch parameters through web interfaces or other external sources are at heightened risk.
• python / roslaunch:
import os
import subprocess
def check_roslaunch_params(launch_file):
try:
process = subprocess.run(['roslaunch', '--help'], capture_output=True, text=True, check=True)
print(process.stdout)
except subprocess.CalledProcessError as e:
print(f"Error executing roslaunch: {e}")• linux / server:
journalctl -u roslaunch -g "eval" | grep -i "error"• generic web:
Inspect ROS launch files for instances of eval() and user-supplied parameters. Look for suspicious parameter names or values that could be exploited.
disclosure
एक्सप्लॉइट स्थिति
EPSS
0.03% (7% शतमक)
CISA SSVC
CVSS वेक्टर
The primary mitigation is to upgrade to a ROS distribution that addresses this vulnerability. Unfortunately, a specific fixed version is not yet available. As a workaround, implement strict input validation on all parameters passed to roslaunch. Sanitize user-supplied data to prevent the injection of malicious code. Consider disabling the substitution args mechanism if it is not essential for your ROS applications. Regularly review and audit your ROS launch files for potential vulnerabilities. After implementing these mitigations, verify the integrity of your ROS environment by attempting to launch nodes with carefully crafted, but benign, parameter values to ensure they are properly sanitized.
Actualice ROS a una versión posterior a Noetic Ninjemys o aplique los parches de seguridad proporcionados por Open Source Robotics Foundation. Evite utilizar parámetros no sanitizados en los archivos de lanzamiento de ROS. Revise y valide cuidadosamente cualquier archivo de lanzamiento de ROS de fuentes no confiables.
भेद्यता विश्लेषण और गंभीर अलर्ट सीधे आपके ईमेल में।
CVE-2024-39835 is a code injection vulnerability in ROS Noetic Ninjemys and earlier, allowing arbitrary Python code execution through unsanitized parameters in roslaunch.
If you are using ROS Noetic Ninjemys or an earlier version, you are potentially affected. Assess your ROS launch file configurations and parameter handling practices.
Upgrade to a patched ROS distribution when available. Until then, implement strict input validation on all parameters passed to roslaunch and consider disabling the substitution args mechanism.
No active exploitation campaigns have been confirmed, but the vulnerability's nature and the ease of exploitation suggest a potential risk.
Refer to the ROS security mailing list and the ROS wiki for updates and official advisories regarding CVE-2024-39835.
अपनी डिपेंडेंसी फ़ाइल अपलोड करें और तुरंत जानें कि यह CVE और अन्य आपको प्रभावित करती हैं या नहीं।
अपनी requirements.txt फ़ाइल अपलोड करें और तुरंत जानें कि आप प्रभावित हैं या नहीं।