What is CVE-2023-6951?

CVE-2023-6951 is a medium-severity vulnerability in Dji Matrice 300, classified under CWE-334. CVSS score: 6.6/10. Published 2024-04-02.

How severe is CVE-2023-6951?

Medium severity. CVSS v3 base score is 6.6 out of 10.

Vulnerability in Dji Matrice 300

CVE-2023-6951

A Use of Weak Credentials vulnerability affecting the Wi-Fi network generated by a set of DJI drones could allow a remote attacker to derive the WPA2 PSK key and authenticate without permission to the drone’s Wi- Fi network. This, in turn…

EPSS: 0.001 (31.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.6 (Medium). Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N.

Affected products

Dji Matrice 300 — versions 0
Dji Matrice M30 — versions 0
Dji Mavic 3 — versions 0
Dji Mavic 3 Classic — versions 0
Dji Mavic 3 Enterprise — versions 0
Dji Mavic 3 Pro — versions 0
Dji Mini 3 Pro — versions 0

Weakness classification (CWE)

CWE-334

References

www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-6951/

Frequently asked questions

What is CVE-2023-6951?: CVE-2023-6951 is a medium-severity vulnerability in Dji Matrice 300, classified under CWE-334. CVSS score: 6.6/10. Published 2024-04-02.
How severe is CVE-2023-6951?: Medium severity. CVSS v3 base score is 6.6 out of 10.