PX4 Autopilot

p a href= https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-090-02.json strong View CSAF /strong /a /p h2 Summary /h2 p strong Successful exploitation of this vulnerability could allow an attacker with access to the MAVLink interface to execute arbitrary shell commands without cryptographic authentication. /strong /p p The following versions of PX4 Autopilot are affected: /p ul li Autopilot v1.16.0_SITL_latest_stable (CVE-2026-1579) /li /ul div class= csaf-table table class= tablesaw tablesaw-stack data-tablesaw-mode= stack data-tablesaw-minimap thead tr th role= columnheader data-tablesaw-priority= persist CVSS /th th role= columnheader Vendor /th th role= columnheader Equipment /th th role= columnheader Vulnerabilities /th /tr /thead tbody tr td v3 9.8 /td td PX4 /td td PX4 Autopilot /td td Missing Authentication for Critical Function /td /tr /tbody /table /div h3 Background /h3 ul li strong Critical Infrastructure Sectors: /strong Transportation Systems, Emergency Services, Defense Industrial Base /li li strong Countries/Areas Deployed: /strong Worldwide /li li strong Company Headquarters Location: /strong Switzerland /li /ul hr h2 Vulnerabilities /h2 div class= csaf-accordion p a class= csaf-accordion-toggle-all href= # Expand All + /a /p div class= csaf-accordion-item h3 a class= csaf-accordion-toggle href= # CVE-2026-1579 /a /h3 div class= csaf-accordion-content p The MAVLink communication protocol does not require cryptographic authentication by default. When MAVLink 2.0 message signing is not enabled, any message -- including SERIAL_CONTROL, which provides interactive shell access -- can be sent by an unauthenticated party with access to the MAVLink interface. PX4 provides MAVLink 2.0 message signing as the cryptographic authentication mechanism for all MAVLink communication. When signing is enabled, unsigned messages are rejected at the protocol level. /p p a href= https://www.cve.org/CVERecord?id=CVE-2026-1579 View CVE Details /a /p hr h4 Affected Products /h4 h5 PX4 Autopilot /h5 div class= ics-vendor-version-status div class= ics-vendor strong Vendor: /strong br PX4 /div div class= ics-version strong Product Version: /strong br PX4 Autopilot: v1.16.0_SITL_latest_stable /div div class= ics-status strong Product Status: /strong br known_affected /div /div div class= ics-remediations h6 Remediations /h6 p strong Mitigation /strong br PX4 recommends enabling MAVLink 2.0 message signing as the authentication mechanism for all non‑USB communication links. PX4 has published a security hardening guide for integrators and manufacturers at https://docs.px4.io/main/en/mavlink/security_hardening. br a href= https://docs.px4.io/main/en/mavlink/security_hardening https://docs.px4.io/main/en/mavlink/security_hardening /a /p p strong Mitigation /strong br Message signing configuration documentation can be found at https://docs.px4.io/main/en/mavlink/message_signing. br a href= https://docs.px4.io/main/en/mavlink/message_si