- Description
- A code execution vulnerability has been discovered in the Robot Operating System (ROS) 'rosparam' tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability stems from the use of the eval() function to process unsanitized, user-supplied parameter values via special converters for angle representations in radians. This flaw allowed attackers to craft and execute arbitrary Python code.
- Source
- security@ubuntu.com
- NVD status
- Analyzed
- Products
- robot_operating_system
CVSS 3.1
- Type
- Secondary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
- Hype score
- Not currently trending
CVE-2024-39289 Code Execution Vulnerability in ROS 'rosparam' Tool via Unsanitized Parameter Parsing https://t.co/YGAA7ZIUhZ
@VulmonFeeds
18 Jul 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-39289 A code execution vulnerability has been discovered in the Robot Operating System (ROS) 'rosparam' tool, affecting ROS distributions Noetic Ninjemys and earlier. The v… https://t.co/EAfk53CtAS
@CVEnew
17 Jul 2025
359 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:openrobotics:robot_operating_system:indigo_igloo:*:*:*:*:*:*:*",
"matchCriteriaId": "0673568E-BE13-4D10-9E7B-57B6D38850B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openrobotics:robot_operating_system:kinetic_kame:*:*:*:*:*:*:*",
"matchCriteriaId": "429E39E2-7812-44F3-B3DB-D82561432B88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openrobotics:robot_operating_system:melodic_morenia:*:*:*:*:*:*:*",
"matchCriteriaId": "C319FA37-A18B-4706-9B29-827BA81CB5B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openrobotics:robot_operating_system:noetic_ninjemys:*:*:*:*:*:*:*",
"matchCriteriaId": "2F466D1C-796D-4857-BEDF-FA600DF47669",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]