Parrot

parrot

4 CVEs • 4 products

Products (4)

Click to collapse

Toggle

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-33844 1Parrot 1Anafi Firmware Mar 13, 2025 May 3, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 The 'control' in Parrot ANAFI USA firmware 1.10.4 does not check the MAV_MISSION_TYPE(0, 1, 2, 255), which allows attacker to cut off the connection between a controller and the drone by sending MAVLink MISSION_COUNT com...Show more The 'control' in Parrot ANAFI USA firmware 1.10.4 does not check the MAV_MISSION_TYPE(0, 1, 2, 255), which allows attacker to cut off the connection between a controller and the drone by sending MAVLink MISSION_COUNT command with a wrong MAV_MISSION_TYPE.Show less
CVE-2022-46416 1Parrot 1Bebop Firmware Nov 21, 2024 Mar 27, 2023 N/A· v4 5.9 MEDIUM· v3 N/A· v2 Parrot Bebop 4.7.1. allows remote attackers to prevent legitimate terminal connections by exhausting the DHCP IP address pool. To accomplish this, the attacker would first need to connect to the device's internal Wi-Fi n...Show more Parrot Bebop 4.7.1. allows remote attackers to prevent legitimate terminal connections by exhausting the DHCP IP address pool. To accomplish this, the attacker would first need to connect to the device's internal Wi-Fi network (e.g., by guessing the password). Then, the attacker would need to send many DHCP request packets.Show less
CVE-2019-3945 1Parrot 1Anafi Firmware Nov 21, 2024 Apr 1, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Web server running on Parrot ANAFI can be crashed due to the SDK command "Common_CurrentDateTime" being sent to control service with larger than expected date length.
CVE-2019-3944 1Parrot 1Anafi Firmware Nov 21, 2024 Apr 1, 2020 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 Parrot ANAFI is vulnerable to Wi-Fi deauthentication attack, allowing remote and unauthenticated attackers to disconnect drone from controller during mid-flight.