Description
A vulnerability has been found in DJI Mavic Mini, Air, Spark and Mini SE up to 01.00.0500. Affected by this vulnerability is an unknown functionality of the component Enhanced Wi-Fi Pairing. The manipulation leads to authentication bypass by capture-replay. The attack must be carried out from within the local network. A high degree of complexity is needed for the attack. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-02-02
Score: 2.3 Low
EPSS: < 1% Very Low
KEV: No
Impact: Authentication Bypass
Action: Assess
AI Analysis

Impact

A vulnerability exists in the Enhanced Wi‑Fi Pairing function of DJI Mavic Mini, Air, Spark and Mini SE drones. By capturing and replaying a valid authentication sequence, an attacker can cause the drone to accept the replay and thereby bypass the authentication required for pairing. The vulnerability permits unauthorized local‐network access to the drone’s control interface, potentially allowing control over the device without proper credentials. Only the authentication step is compromised; other local‑level controls remain intact, but the ability to pair without credentials can lead to unauthorized flight or data manipulation.

Affected Systems

Affected products include DJI Air, DJI Mavic Mini, DJI Mini SE, and DJI Spark. Firmware versions up to 01.00.0500 are susceptible. No patch or firmware update is currently available from DJI; the vendor has not responded to the public disclosure.

Risk and Exploitability

The CVSS score of 2.3 indicates low overall severity, and the EPSS score of less than 1 % suggests that the likelihood of exploitation in the wild is very small. However, exploitation requires the attacker to be on the same local network and conduct a capture‑replay of authentication packets, a process that is complex and potentially difficult. The vulnerability is not listed in CISA’s KEV catalog. If an attacker succeeds, they can achieve unauthorized local pairing, which may facilitate further actions such as remote control or data exfiltration, but the attack is limited to the local network scope.

Generated by OpenCVE AI on April 18, 2026 at 00:47 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check the DJI website or vendor support for firmware updates that address Enhanced Wi‑Fi Pairing; apply such a patch as soon as it becomes available.
  • If no patch exists, disable or limit the Enhanced Wi‑Fi Pairing feature in the drone’s configuration, or block the relevant Wi‑Fi channels on the local network to prevent the capture of authentication traffic.
  • Segment the drone’s local network from other corporate or home networks by placing it on a separate VLAN or subnet and enforce strict firewall rules to restrict access to the device’s control ports.

Generated by OpenCVE AI on April 18, 2026 at 00:47 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 03 Feb 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 03 Feb 2026 15:00:00 +0000

Type Values Removed Values Added
First Time appeared Dji
Dji mini
Dji mini Se
Dji spark
Vendors & Products Dji
Dji mini
Dji mini Se
Dji spark

Mon, 02 Feb 2026 07:15:00 +0000

Type Values Removed Values Added
Description A vulnerability has been found in DJI Mavic Mini, Spark and Mini SE up to 01.00.0500. Affected by this vulnerability is an unknown functionality of the component Enhanced Wi-Fi Pairing. The manipulation leads to authentication bypass by capture-replay. The attack must be carried out from within the local network. A high degree of complexity is needed for the attack. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. A vulnerability has been found in DJI Mavic Mini, Air, Spark and Mini SE up to 01.00.0500. Affected by this vulnerability is an unknown functionality of the component Enhanced Wi-Fi Pairing. The manipulation leads to authentication bypass by capture-replay. The attack must be carried out from within the local network. A high degree of complexity is needed for the attack. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Title DJI Mavic Mini/Spark/Mini SE Enhanced Wi-Fi Pairing authentication replay DJI Mavic Mini/Air/Spark/Mini SE Enhanced Wi-Fi Pairing authentication replay

Mon, 02 Feb 2026 04:15:00 +0000

Type Values Removed Values Added
Description A vulnerability has been found in DJI Mavic Mini, Spark and Mini SE up to 01.00.0500. Affected by this vulnerability is an unknown functionality of the component Enhanced Wi-Fi Pairing. The manipulation leads to authentication bypass by capture-replay. The attack must be carried out from within the local network. A high degree of complexity is needed for the attack. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Title DJI Mavic Mini/Spark/Mini SE Enhanced Wi-Fi Pairing authentication replay
Weaknesses CWE-287
CWE-294
References
Metrics cvssV2_0

{'score': 1.8, 'vector': 'AV:A/AC:H/Au:N/C:N/I:N/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 3.1, 'vector': 'CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 3.1, 'vector': 'CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 2.3, 'vector': 'CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P'}

Subscriptions

Dji Mini Mini Se Spark
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-02-23T09:13:47.578Z

Reserved: 2026-02-01T16:35:47.330Z

Link: CVE-2026-1743

cve-icon Vulnrichment

Updated: 2026-02-03T14:32:33.991Z

cve-icon NVD

Status : Deferred

Published: 2026-02-02T04:15:55.547

Modified: 2026-04-29T01:00:01.613

Link: CVE-2026-1743

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T01:00:11Z

Weaknesses