{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-11T09:53:37.715","vulnerabilities":[{"cve":{"id":"CVE-2020-10281","sourceIdentifier":"cve@aliasrobotics.com","published":"2020-07-03T15:15:09.777","lastModified":"2024-11-21T04:55:07.917","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"This vulnerability applies to the Micro Air Vehicle Link (MAVLink) protocol and allows a remote attacker to gain access to sensitive information provided it has access to the communication medium. MAVLink is a header-based protocol that does not perform encryption to improve transfer (and reception speed) and efficiency by design. The increasing popularity of the protocol (used accross different autopilots) has led to its use in wired and wireless mediums through insecure communication channels exposing sensitive information to a remote attacker with ability to intercept network traffic."},{"lang":"es","value":"Esta vulnerabilidad aplica al protocolo Micro Air Vehicle Link (MAVLink) y permite a un atacante remoto conseguir acceso a información confidencial siempre que tenga acceso al medio de comunicación. MAVLink es un protocolo basado en el encabezado que no realiza cifrado para mejorar la transferencia (y la velocidad de recepción) y la eficiencia por diseño. La creciente popularidad del protocolo (utilizado entre diferentes pilotos automáticos) ha llevado a su uso en medios cableados e inalámbricos por medio de canales de comunicación no seguros que exponen información confidencial a un atacante remoto con capacidad de interceptar el tráfico de la red"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV30":[{"source":"cve@aliasrobotics.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cve@aliasrobotics.com","type":"Secondary","description":[{"lang":"en","value":"CWE-319"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-319"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dronecode:micro_air_vehicle_link:-:*:*:*:*:*:*:*","matchCriteriaId":"EAB382CB-BFFF-45D9-874B-17292E909D09"}]}]}],"references":[{"url":"https://docs.google.com/document/d/1XtbD0ORNkhZ8eKrsbSIZNLyg9sFRXMXbsR2mp37KbIg/edit","source":"cve@aliasrobotics.com","tags":["Technical Description","Vendor Advisory"]},{"url":"https://docs.google.com/document/d/1XtbD0ORNkhZ8eKrsbSIZNLyg9sFRXMXbsR2mp37KbIg/edit","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Technical Description","Vendor Advisory"]}]}}]}