{"uuid": "deba7182-dae2-403e-80a3-bd5c50526e67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29156", "type": "seen", "source": "https://t.me/Rootsec_2/385", "content": "\ud83d\udce1Nozomi Networks Discovers Three Vulnerabilities Affecting BlueMark DroneScout ds230 Remote ID Receiver \n\"In this blog post, we disclose three vulnerabilities (critical, high and medium risk) which affect the DroneScout ds230 device. Two of these vulnerabilities(CVE-2023-31191 & CVE-2023-29156) could allow an attacker to spoof Remote ID information forcing the DroneScout ds230 to drop Remote ID information transmitted by legitimately communicating drones. The consequence of this is the attacker being able to inject fake locations associated with the legitimate drones detected by the DroneScout. The third vulnerability(CVE-2023-31190) discovered demonstrates the capability to install malicious firmware updates on the DroneScout appliance. \"\n\n#ODID #expoitation #fw #DroneScout #Drone #UAV #UAS", "creation_timestamp": "2024-08-16T08:08:28.000000Z"}