Summary
PX4 Autopilot version v1.16.0 is vulnerable to a critical authentication bypass (CVE-2026-1579) that allows unauthenticated attackers to execute arbitrary shell commands via the MAVLink protocol. This flaw enables full system takeover of drones and autonomous vehicles used in defense and transportation.
Take Action:
If you use PX4 Autopilot, you must enable MAVLink 2.0 message signing to prevent unauthorized command execution. Without this cryptographic check, anyone who can reach your drone's communication interface can take full control of the aircraft.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)