Skip or inject commands into UAV flight controllers: a voltage glitching attack on PX4 Autopilot ๐ฎ๐ฉ๏ธโก๐ก๏ธ๐ค
A group of security researchers from the University of California (USA) present a successful voltage glitching attack that bypasses safety checks and skips control instructions on the PX4 Autopilot flight controller running on an STMicroelectronics STM32 microchip.
The attack was tested on a flight controller board that is used in many research, hobbyist, and commercial UAVs, but the authors deliberately do not name names. At this stage, the authors confirm that voltage glitches could alter UAV failsafe mechanisms and affect instruction execution.
Indeed, for now, this type of attack still requires physical access to the device. But that may be the topic of another interesting research. Enjoy the read and join the fun! :)
More details:
Glitch in the Sky: Exploiting Voltage Fault Injection in UAV Flight Controllers [PDF]: https://arxiv.org/abs/2604.16699v1


