CVE-2026-1743 – This CVE describes an authentication bypass vul... (How to Fix)

Q: What is the severity of CVE-2026-1743?

CVE-2026-1743 has a CVSS score of 3.1 (LOW). This CVE describes an authentication bypass vulnerability in DJI drone models (Mavic Mini, Air, Spark, Mini SE) through capture-replay attacks on the Enhanced Wi-Fi Pairing component. Attackers on the same local network can potentially gain unauthorized access to drone control functions. The vulnerability affects drones running firmware up to version 01.00.0500.

📋 TL;DR

This CVE describes an authentication bypass vulnerability in DJI drone models (Mavic Mini, Air, Spark, Mini SE) through capture-replay attacks on the Enhanced Wi-Fi Pairing component. Attackers on the same local network can potentially gain unauthorized access to drone control functions. The vulnerability affects drones running firmware up to version 01.00.0500.

💻 Affected Systems

Products:

DJI Mavic Mini
DJI Mavic Air
DJI Spark
DJI Mini SE

Versions: Up to 01.00.0500

Operating Systems: Drone firmware

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability exists in Enhanced Wi-Fi Pairing component. Requires attacker to be on same local network as drone during pairing/connection attempts.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Unauthorized attacker gains full control of drone, potentially hijacking flight operations, accessing camera feeds, or stealing sensitive data stored on the device.

🟠

Likely Case

Local network attacker bypasses authentication to access limited drone functions or disrupt normal operations.

🟢

If Mitigated

With proper network segmentation and monitoring, impact is limited to isolated drone incidents with minimal data exposure.

🌐 Internet-Facing: LOW - Attack requires local network access, not directly exploitable from the internet.

🏢 Internal Only: MEDIUM - Attack requires local network presence but has been weaponized and disclosed publicly.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: HIGH

Exploit code is publicly available on GitHub. Attack requires technical expertise and local network positioning. Vendor has not responded to disclosure.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch available. Monitor DJI official channels for firmware updates addressing CVE-2026-1743.

🔧 Temporary Workarounds

Disable Wi-Fi Pairing

all

Use alternative connection methods like USB or controller-only connections instead of Wi-Fi pairing

Network Segmentation

all

Isolate drone Wi-Fi networks from other critical networks using VLANs or separate physical networks

🧯 If You Can't Patch

Physically secure drone when not in use and disable Wi-Fi functionality
Implement strict network monitoring for unusual Wi-Fi pairing attempts and drone communication patterns

🔍 How to Verify

Check if Vulnerable:

Check drone firmware version via DJI Fly app: Settings > About > Firmware Version

Check Version:

Not applicable - check through DJI mobile app interface

Verify Fix Applied:

Verify firmware version is above 01.00.0500 when/if patch becomes available

📡 Detection & Monitoring

Log Indicators:

Multiple failed authentication attempts followed by successful connection
Unusual Wi-Fi pairing patterns from unexpected MAC addresses

Network Indicators:

Capture-replay patterns in Wi-Fi authentication traffic
Unauthorized devices attempting drone communication protocols

SIEM Query:

source="drone_network" AND (event_type="authentication" AND result="success" AFTER result="failure" WITHIN 5s)

📊 Metadata

CVE ID: CVE-2026-1743

CVSS v3 Score: 3.1 (LOW)

CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE: CWE-287

Published: February 2, 2026

Last Updated: February 4, 2026

🤖 AI-assisted analysis, reviewed for accuracy