Critical PX4 autopilot flaw could let attackers send shell commands to drones


CISA has warned about a critical vulnerability in PX4 Autopilot that could let an attacker execute shell commands if they can reach the MAVLink interface. The flaw is tracked as CVE-2026-1579, and CISA lists it as a missing authentication issue with a CVSS 3.1 score of 9.8.

The core problem is not that PX4 suddenly added a dangerous backdoor. The issue stems from how MAVLink works when message signing is not enabled. NVD says MAVLink does not require cryptographic authentication by default, which means an unauthenticated party with access to the MAVLink interface can send messages, including SERIAL_CONTROL, which provides interactive shell access.

That makes the real risk more specific than “anyone on the internet can take over any drone.” An attacker still needs access to the MAVLink interface first. If they have that access and MAVLink 2.0 signing is not enabled, they may be able to send commands that reach the system shell.

What CISA says is affected

CISA’s advisory identifies the affected product as PX4 Autopilot v1.16.0_SITL_latest_stable. The advisory also names the vulnerability class as CWE-306, or missing authentication for a critical function.

It would overstate the point to imply that every PX4 deployment faces the same immediate exposure. CISA’s published advisory names a specific affected version, not every PX4 release across all drones and autonomous vehicles. That distinction matters for defenders trying to scope the problem accurately.

CISA also says it has not seen public exploitation of this flaw at the time of publication. So this is a serious vulnerability with clear impact, but there is no official evidence yet that attackers are actively using it in real-world campaigns.

Why the vulnerability matters

If an attacker can send unauthenticated MAVLink messages to a vulnerable target, they may be able to reach interactive shell access and then run arbitrary commands. From there, the practical consequences could include changing system behavior, interfering with flight operations, or using the compromised platform as a foothold for broader disruption. That impact is why CISA scored the issue as critical.

The good news is that PX4 already provides a security control for this exact class of risk. NVD points to PX4’s own documentation, which says MAVLink 2.0 message signing is the cryptographic authentication mechanism for MAVLink communication. When signing is enabled, unsigned messages are rejected at the protocol level.

That means the best way to describe this bug is not simply “attackers can take over drones.” A more accurate version is this: attackers with MAVLink access may be able to send shell-capable messages if message signing is not enabled on an affected PX4 setup.

PX4 CVE-2026-1579 at a glance

Item                           | Detail
Vulnerability                  | CVE-2026-1579
Product                        | PX4 Autopilot
Affected version named by CISA | v1.16.0_SITL_latest_stable
Severity                       | CVSS 3.1 9.8 (Critical)
Weakness                       | CWE-306, Missing Authentication for Critical Function
Attack condition               | Access to the MAVLink interface
Key abuse path                 | Unauthenticated SERIAL_CONTROL message
Main mitigation                | Enable MAVLink 2.0 message signing

What operators should do now

  • Check whether any PX4 deployment uses the affected version named in CISA’s advisory.
  • Enable MAVLink 2.0 message signing anywhere it is not already enabled. PX4 documents this as the authentication mechanism for MAVLink traffic.
  • Restrict access to the MAVLink interface and avoid exposing it to untrusted networks. This follows directly from the attack requirement described in the advisory.
  • Segment drone control environments from business networks and tightly control remote access paths, in line with CISA’s standard ICS guidance referenced in the advisory.
  • Review configurations and deployment assumptions before making changes in production environments so safety controls do not break live operations. This fits CISA’s broader ICS defensive guidance linked from the advisory.
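To make concrete what “unsigned messages are rejected at the protocol level” means, and what the checklist’s signing item actually buys a defender, here is a small Python model of MAVLink 2.0 message signing on the receiving side. It is an added illustration written for this article, not code from PX4, pymavlink or CISA. It assumes the documented MAVLink 2 signature layout (a 1-byte link ID, a 48-bit timestamp in 10 µs units since 2015-01-01, and the first 6 bytes of SHA-256 over secret key + frame + link ID + timestamp). The 32-byte key, the payload bytes and the CRC_EXTRA value are constructed placeholders (the real CRC_EXTRA for each message comes from the dialect definition), and the replay rule is a simplified version of the receiver’s timestamp check. The audit function shows how a capture of frames would look to a signing-enforcing receiver: an unsigned SERIAL_CONTROL (message id 126) never reaches the shell handler, and a replayed or tampered signed frame is dropped as well.

```python
import hashlib
import hmac
import struct
import time

MAGIC_V2 = 0xFD              # MAVLink 2 frame start marker
IFLAG_SIGNED = 0x01          # incompat flag: a 13-byte signature follows the CRC
MSG_ID_SERIAL_CONTROL = 126  # SERIAL_CONTROL message id in the common dialect
SIGNATURE_LEN = 13           # link_id (1) + timestamp (6) + sha256_48 (6)
EPOCH_2015 = 1420070400      # 2015-01-01T00:00:00Z, the MAVLink signing epoch
CRC_EXTRA_DEMO = 0x00        # placeholder; the real per-message value comes from the dialect XML
SECRET_KEY_DEMO = bytes(range(32))  # constructed 32-byte signing key, not a real key


def x25_crc(data, crc_extra):
    """MAVLink X.25 checksum over data followed by the message's CRC_EXTRA byte."""
    crc = 0xFFFF
    for b in data + bytes([crc_extra]):
        tmp = b ^ (crc & 0xFF)
        tmp = (tmp ^ (tmp << 4)) & 0xFF
        crc = ((crc >> 8) ^ (tmp << 8) ^ (tmp << 3) ^ (tmp >> 4)) & 0xFFFF
    return crc


def mav_timestamp(now=None):
    """Signing timestamp: 10 microsecond units since the 2015 epoch, 48 bits wide."""
    now = time.time() if now is None else now
    return int((now - EPOCH_2015) * 100_000) & 0xFFFFFFFFFFFF


def build_frame(msg_id, payload, crc_extra, seq=0, sysid=255, compid=190,
                secret_key=None, link_id=0, timestamp=None):
    """Assemble a MAVLink 2 frame; attach a signature when a secret key is given."""
    flags = IFLAG_SIGNED if secret_key else 0
    header = struct.pack("<BBBBBBB", MAGIC_V2, len(payload), flags, 0, seq, sysid, compid)
    header += msg_id.to_bytes(3, "little")
    crc = x25_crc(header[1:] + payload, crc_extra)  # the CRC skips the magic byte
    frame = header + payload + struct.pack("<H", crc)
    if secret_key:
        ts = mav_timestamp() if timestamp is None else timestamp
        link_block = bytes([link_id]) + ts.to_bytes(6, "little")
        # signature = sha256_48(secret_key + header + payload + CRC + link_id + timestamp)
        sig = hashlib.sha256(secret_key + frame + link_block).digest()[:6]
        frame += link_block + sig
    return frame


def msg_id_of(frame):
    """24-bit little-endian message id stored in header bytes 7..9."""
    return int.from_bytes(frame[7:10], "little")


def verify_frame(frame, secret_key, crc_extra, last_timestamp=0):
    """Checks a signing-enforcing receiver applies. Returns (accepted, reason, last_timestamp)."""
    if len(frame) < 12 or frame[0] != MAGIC_V2:
        return False, "not a MAVLink 2 frame", last_timestamp
    payload_len = frame[1]
    body_end = 10 + payload_len + 2
    if len(frame) < body_end:
        return False, "truncated frame", last_timestamp
    wire_crc = int.from_bytes(frame[10 + payload_len:body_end], "little")
    if x25_crc(frame[1:10 + payload_len], crc_extra) != wire_crc:
        return False, "bad CRC", last_timestamp
    if not frame[2] & IFLAG_SIGNED:
        return False, "unsigned message rejected", last_timestamp  # signing enforced
    if len(frame) != body_end + SIGNATURE_LEN:
        return False, "truncated signature", last_timestamp
    link_block = frame[body_end:body_end + 7]
    sig = frame[body_end + 7:body_end + 13]
    expected = hashlib.sha256(secret_key + frame[:body_end] + link_block).digest()[:6]
    if not hmac.compare_digest(sig, expected):
        return False, "bad signature", last_timestamp
    ts = int.from_bytes(link_block[1:], "little")
    if ts <= last_timestamp:  # simplified replay rule: timestamps must move forward
        return False, "stale timestamp (replay)", last_timestamp
    return True, "ok", ts


def audit_frames(frames, secret_key, crc_extra):
    """Run captured frames through the receiver logic; returns (msg_id, accepted, reason) per frame."""
    results, last_ts = [], 0
    for f in frames:
        ok, reason, last_ts = verify_frame(f, secret_key, crc_extra, last_ts)
        results.append((msg_id_of(f), ok, reason))
    return results


def demo():
    """Constructed capture: one valid signed SERIAL_CONTROL, one unsigned, one replay, one tampered."""
    payload = bytes(10)  # constructed stand-in for a SERIAL_CONTROL payload
    signed = build_frame(MSG_ID_SERIAL_CONTROL, payload, CRC_EXTRA_DEMO,
                         secret_key=SECRET_KEY_DEMO, timestamp=1000)
    unsigned = build_frame(MSG_ID_SERIAL_CONTROL, payload, CRC_EXTRA_DEMO)
    forged = bytearray(signed)
    forged[-1] ^= 0xFF  # flip a signature byte
    return audit_frames([signed, unsigned, signed, bytes(forged)], SECRET_KEY_DEMO, CRC_EXTRA_DEMO)


if __name__ == "__main__":
    for msg_id, ok, reason in demo():
        print(f"msg {msg_id}: {'accepted' if ok else 'REJECTED'} ({reason})")
```

The order of checks mirrors what matters for this CVE: the signed flag and the signature are evaluated before the payload is ever dispatched to a handler, so with signing enforced the unsigned SERIAL_CONTROL path the advisory describes is closed at the protocol layer. On a real deployment the key lives on both the autopilot and the ground station, and the CRC_EXTRA constants come from the generated dialect headers rather than the placeholder used here.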

FAQ

Can this PX4 flaw really let attackers control a drone?

Potentially yes, but only under the right conditions. The attacker needs access to the MAVLink interface, and the target must not enforce MAVLink 2.0 message signing. In that situation, NVD says unauthenticated messages including SERIAL_CONTROL can be sent, which opens a path to shell access.

Is every PX4 drone affected?

CISA’s advisory names a specific affected version: v1.16.0_SITL_latest_stable. The public advisory does not say every PX4 release is vulnerable.

Is this being exploited in the wild?

CISA says it is not aware of public exploitation at the time of the advisory.

What is the most important fix?

Enable MAVLink 2.0 message signing and restrict access to the MAVLink interface. PX4’s own documentation says signed mode rejects unsigned messages at the protocol level.
