CVE-2025-15150

5.3 MEDIUM

📋 TL;DR

This CVE describes a stack-based buffer overflow vulnerability in PX4 Autopilot's MavlinkLogHandler component. Attackers with local access can potentially execute arbitrary code or crash the system. The vulnerability affects PX4 Autopilot versions up to 1.16.0.

💻 Affected Systems

Products:
  • PX4 Autopilot
Versions: up to 1.16.0
Operating Systems: Linux-based drone/flight control systems
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems where PX4 Autopilot is installed and the vulnerable component is active. Requires local access to exploit.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Local privilege escalation leading to full system compromise, arbitrary code execution, or complete system crash affecting drone/flight control operations.

🟠 Likely Case: Denial of service through system crash or limited code execution within the context of the affected process.

🟢 If Mitigated: Minimal impact if proper access controls limit local user access to critical systems.

🌐 Internet-Facing: LOW - The vulnerability requires local access and is not remotely exploitable.
🏢 Internal Only: MEDIUM - Local attackers with access to the system could exploit this vulnerability, but requires specific conditions and access.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access and knowledge of the system. No public exploit code has been identified at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in commit 338595edd1d235efd885fd5e9f45e7f9dcf4013d and later versions

Vendor Advisory: https://github.com/PX4/PX4-Autopilot/issues/26118

Restart Required: Yes

Instructions:

1. Update PX4 Autopilot to a version after 1.16.0 or apply commit 338595edd1d235efd885fd5e9f45e7f9dcf4013d.
2. Rebuild the firmware.
3. Flash the updated firmware to affected systems.
4. Restart the autopilot system.

🔧 Temporary Workarounds

Restrict local access (all)

Limit local user access to systems running PX4 Autopilot to trusted users only

Disable vulnerable component (linux)

Disable MavlinkLogHandler if not required for operations

Set MAV_0_CONFIG to 0 in PX4 parameters to disable MAVLink

🧯 If You Can't Patch

  • Implement strict access controls to limit local user access to critical systems
  • Monitor systems for abnormal behavior or crashes related to MavlinkLogHandler

🔍 How to Verify

Check if Vulnerable:

Check the PX4 version with 'px4-version' or examine the firmware version. If the version is 1.16.0 or earlier, the system is vulnerable.

Check Version:

px4-version

Verify Fix Applied:

Verify PX4 version is after 1.16.0 or check if commit 338595edd1d235efd885fd5e9f45e7f9dcf4013d is present in the source code.
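
One way to check for the fix commit in a source tree, added here as an example (it is not part of the PX4 project or the vendor advisory). It assumes the firmware was built from a local git checkout; the helper name has_fix_commit and the PX4_SRC variable are hypothetical. It separates "commit not in this build's history" from "commit not fetched yet", so an outdated clone is not misread as a verdict either way.

```shell
#!/bin/sh
# Added example: decide whether a source checkout contains a given fix commit.
# has_fix_commit is a hypothetical helper name, not a PX4 tool.
# Exit status:
#   0 = commit is an ancestor of HEAD (the tree includes the fix)
#   1 = commit exists locally but is not in HEAD's history (tree lacks the fix)
#   2 = cannot decide (not a git checkout, or the commit object is absent,
#       e.g. an outdated or shallow clone that needs a fetch first)
has_fix_commit() {
    repo=$1
    commit=$2

    # The path must be inside a git work tree.
    git -C "$repo" rev-parse --is-inside-work-tree >/dev/null 2>&1 || return 2

    # The commit object must exist locally; without this check a stale clone
    # would be reported as "lacks the fix" when the answer is really unknown.
    git -C "$repo" cat-file -e "${commit}^{commit}" 2>/dev/null || return 2

    # Ancestry test: true only if HEAD was built on top of the commit.
    if git -C "$repo" merge-base --is-ancestor "$commit" HEAD 2>/dev/null; then
        return 0
    fi
    return 1
}

# Fix commit as given on this page.
FIX_COMMIT=338595edd1d235efd885fd5e9f45e7f9dcf4013d

# Runs only when PX4_SRC (assumed variable) points at the checkout to inspect.
if [ -n "${PX4_SRC:-}" ]; then
    rc=0
    has_fix_commit "$PX4_SRC" "$FIX_COMMIT" || rc=$?
    case $rc in
        0) echo "fix commit present in HEAD history" ;;
        1) echo "fix commit NOT in HEAD history: rebuild from a patched tree" ;;
        *) echo "cannot decide: not a git checkout, or commit not fetched" ;;
    esac
fi
```

The check describes the source tree only; firmware already flashed to a vehicle must still be compared against the build produced from that tree.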

📡 Detection & Monitoring

Log Indicators:

  • Segmentation faults or crashes in mavlink_log_handler process
  • Abnormal memory access patterns in system logs

Network Indicators:

  • No network indicators as this is a local vulnerability

SIEM Query:

Process:name="px4" AND (EventID:1000 OR "segmentation fault" OR "buffer overflow")
