CVE-2026-1743: Authentication Bypass by Capture-replay in DJI Mavic Mini
A vulnerability has been found in DJI Mavic Mini, Air, Spark and Mini SE up to 01.00.0500. Affected by this vulnerability is an unknown functionality of the component Enhanced Wi-Fi Pairing. The manipulation leads to authentication bypass by capture-replay. The attack must be carried out from within the local network. A high degree of complexity is needed for the attack. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
AI Analysis
Technical Summary
CVE-2026-1743 identifies a vulnerability in the Enhanced Wi-Fi Pairing functionality of DJI Mavic Mini, Spark, and Mini SE drones running firmware up to version 01.00.0500. The vulnerability enables an attacker within the same local network to perform a capture-replay attack, effectively bypassing the authentication mechanism that secures the drone's Wi-Fi pairing process. This attack involves capturing legitimate authentication packets and replaying them to gain unauthorized access. The attack complexity is high, requiring proximity to the drone's Wi-Fi network and the ability to capture and replay network traffic accurately. No user interaction or prior privileges are necessary, but the attacker must be on the local network, limiting the attack surface. The vulnerability impacts confidentiality primarily, as unauthorized access could allow control over the drone or interception of data transmitted between the drone and its controller. The vendor DJI has not responded to the disclosure, and no patches or mitigations have been released. While no exploits are currently known in the wild, the public disclosure increases the risk of future exploitation. The CVSS 4.0 score is 2.3, reflecting low severity due to high attack complexity, local network requirement, and limited impact scope.
Potential Impact
For European organizations, the impact of CVE-2026-1743 is primarily related to confidentiality and operational security. Unauthorized access to drones could lead to interception of sensitive data, unauthorized surveillance, or manipulation of drone operations, which can be critical in sectors such as infrastructure inspection, agriculture, law enforcement, and critical facility monitoring. Although the attack requires local network access and is complex, environments with shared or poorly secured Wi-Fi networks increase risk. The lack of vendor patches means organizations must rely on network and operational controls to mitigate risk. The impact on availability and integrity is limited but could escalate if attackers use the bypass to deploy further attacks or disrupt drone operations. Given the increasing use of drones in European commercial and governmental contexts, this vulnerability could expose sensitive operations to espionage or sabotage if exploited.
Mitigation Recommendations
To mitigate CVE-2026-1743, European organizations should implement strict network segmentation to isolate drone Wi-Fi networks from general corporate or public networks, reducing the risk of local network attackers. Disable Enhanced Wi-Fi Pairing or Wi-Fi pairing features when drones are not actively being paired or used. Employ strong Wi-Fi security protocols and monitor network traffic for unusual capture-replay patterns or repeated authentication attempts. Use physical security controls to limit proximity access to drones, especially in sensitive environments. Regularly audit drone firmware versions and configurations, and subscribe to DJI security advisories for updates. Consider deploying additional network intrusion detection systems (NIDS) focused on drone communication channels. If possible, use alternative secure communication methods or VPNs to control drones remotely. Finally, establish incident response procedures specific to drone security incidents.
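One way to implement the "monitor network traffic for unusual capture-replay patterns" recommendation, as an added example that is not code from the advisory, the vendor or any DJI tooling. It assumes a hypothetical record format of (timestamp, sender MAC, raw pairing/auth payload) that your capture tooling can export at a point where the payload bytes are observable. The sample payloads are constructed and do not represent the Enhanced Wi-Fi Pairing protocol.

```python
import hashlib

# Constructed sample records: (epoch seconds, sender MAC, raw pairing/auth payload).
# The payload strings are invented for illustration; they are not DJI's format.
SAMPLE_FRAMES = [
    (1000.0, "aa:aa:aa:00:00:01", b"pair-req|nonce=01|tag=9f3c"),
    (1002.5, "aa:aa:aa:00:00:01", b"pair-req|nonce=02|tag=77ab"),
    (1300.0, "bb:bb:bb:00:00:02", b"pair-req|nonce=01|tag=9f3c"),  # same bytes, new sender
    (1300.4, "bb:bb:bb:00:00:02", b"pair-req|nonce=01|tag=9f3c"),  # quick retransmission
    (1500.0, "aa:aa:aa:00:00:01", b"pair-req|nonce=02|tag=77ab"),  # same sender, much later
]


def find_replays(frames, retransmit_window=1.0):
    """Flag auth payloads that reappear byte-for-byte.

    A repeat from the same sender within `retransmit_window` seconds of its
    previous sighting is treated as a link-layer retransmission and ignored.
    """
    first_seen = {}  # digest -> (timestamp, sender) of the first sighting
    last_seen = {}   # (digest, sender) -> timestamp of the latest sighting
    alerts = []
    for ts, src, payload in sorted(frames, key=lambda f: f[0]):
        digest = hashlib.sha256(payload).hexdigest()
        key = (digest, src)
        if digest not in first_seen:
            first_seen[digest] = (ts, src)
            last_seen[key] = ts
            continue
        prev = last_seen.get(key)
        last_seen[key] = ts
        if prev is not None and ts - prev <= retransmit_window:
            continue  # benign retransmission, not a replay
        first_ts, first_src = first_seen[digest]
        alerts.append({
            "digest": digest[:12],
            "first_src": first_src,
            "replay_src": src,
            "delay": ts - first_ts,
            "reason": "different-sender" if src != first_src else "late-repeat",
        })
    return alerts


if __name__ == "__main__":
    for alert in find_replays(SAMPLE_FRAMES):
        print(alert)
```

Tune `retransmit_window` to the retry behaviour seen on your own links; a value that is too large hides fast replays, and one that is too small turns ordinary retries into alerts.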
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Sweden
Technical Details
- Data Version: 5.2
- Assigner Short Name: VulDB
- Date Reserved: 2026-02-01T16:35:47.330Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 69802440ac06320222ae2d9d
Added to database: 2/2/2026, 4:12:48 AM
Last enriched: 2/2/2026, 4:27:08 AM
Last updated: 2/7/2026, 1:47:30 AM