You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
px4 autopilot
About this tag
The px4 autopilot tag on WindowsForum.com covers security advisories and vulnerabilities related to the PX4 Autopilot open-source flight control software. Recent content highlights CVE-2026-1579, a critical remote command execution vulnerability in PX4 Autopilot v1.16.0_SITL_latest_stable. The flaw allows unauthenticated MAVLink traffic to reach the SERIAL_CONTROL function, enabling shell access on vehicles or simulators when cryptographic message signing is not enabled. Discussions focus on the CISA advisory, CVSS 9.8 rating, and the importance of enabling MAVLink signing to mitigate risks. This tag is relevant for users and administrators working with PX4-based drones, simulators, or industrial control systems who need to stay informed about security patches and best practices.
A newly published CISA industrial control systems advisory says PX4 Autopilot is vulnerable to remote command execution through the MAVLink interface when cryptographic message signing is not enabled, and the agency rates the issue critical at CVSS 9.8. The vulnerability, tracked as...