
CVE-2026-26673: n/a

High
Published: Wed Mar 04 2026 (03/04/2026, 00:00:00 UTC)
Source: CVE Database V5

Description

CVE-2026-26673 is a vulnerability affecting several DJI drone models including Mavic Mini, Spark, Mavic Air, Mini, and Mini SE with firmware version 0.1.00.0500 and below. The flaw resides in the DJI Enhanced-WiFi transmission subsystem and allows a remote attacker to cause a denial of service (DoS) condition. Exploitation does not require authentication or user interaction, making it potentially easy to trigger. While no known exploits are currently reported in the wild, the vulnerability could disrupt drone operations by interrupting communication. This could impact drone reliability and safety, especially in critical use cases such as surveying, delivery, or emergency response. No patches or fixes have been publicly disclosed yet. Organizations using affected DJI drones should monitor for updates and consider operational mitigations to reduce exposure.

AI-Powered Analysis

Last updated: 03/04/2026, 16:17:42 UTC

Technical Analysis

CVE-2026-26673 is a denial of service vulnerability identified in the DJI Enhanced-WiFi transmission subsystem affecting multiple DJI drone models including Mavic Mini, Spark, Mavic Air, Mini, and Mini SE running firmware version 0.1.00.0500 and earlier. The vulnerability allows a remote attacker to disrupt the Wi-Fi communication channel used by these drones, effectively causing a denial of service. The flaw likely stems from improper handling of Wi-Fi packets or malformed frames within the enhanced Wi-Fi stack, leading to a crash or hang of the communication subsystem. Since the attack vector is remote and does not require authentication or user interaction, an attacker within Wi-Fi range could exploit this by sending crafted Wi-Fi frames to the drone, interrupting its control or telemetry link. This disruption could cause the drone to lose connectivity with its controller, potentially resulting in loss of control, mission failure, or forced landing. No CVSS score has been assigned yet, and no public patches or mitigations have been released. The vulnerability affects a broad range of popular consumer and prosumer DJI drones, which are widely used globally for photography, surveying, agriculture, and other commercial applications. The lack of authentication requirement and the critical nature of communication links in drone operation elevate the risk. Although no active exploitation has been reported, the vulnerability represents a significant threat to drone reliability and safety.

Potential Impact

The primary impact of CVE-2026-26673 is denial of service against affected DJI drones, which can interrupt or disable drone operations by severing the Wi-Fi communication link between the drone and its controller. This can lead to loss of control, mission failure, or forced emergency landing, potentially causing physical damage or safety hazards. For organizations relying on these drones for critical tasks such as infrastructure inspection, agriculture monitoring, emergency response, or delivery services, this could result in operational disruption, financial loss, and safety risks. The ease of exploitation without authentication means attackers in proximity can cause widespread disruption in areas with dense drone usage. Additionally, the inability to communicate with the drone could hinder situational awareness and data collection. Although no known exploits are currently active, the vulnerability could be leveraged in targeted attacks or by malicious actors seeking to disrupt drone operations in sensitive environments. The impact extends to both commercial and recreational users, affecting trust and reliability in DJI drone platforms.

Mitigation Recommendations

1. Monitor DJI official channels for firmware updates addressing this vulnerability and apply patches promptly once available.
2. Limit Wi-Fi exposure by operating drones in controlled environments with restricted Wi-Fi access and avoid flying in areas with unknown or untrusted Wi-Fi networks.
3. Use network segmentation and Wi-Fi monitoring tools to detect anomalous or malformed Wi-Fi frames that could indicate exploitation attempts.
4. Implement operational procedures to maintain manual control fallback and emergency landing protocols in case of communication loss.
5. Educate drone operators about the risk of Wi-Fi-based denial of service and encourage vigilance during drone flights.
6. Consider deploying drones with alternative communication methods or enhanced security features if available.
7. For critical missions, conduct risk assessments and have contingency plans to mitigate potential drone communication failures.
8. Collaborate with cybersecurity teams to integrate drone security into broader organizational security policies.


Technical Details

Data Version: 5.2
Assigner Short Name: mitre
Date Reserved: 2026-02-16T00:00:00.000Z
CVSS Version: null
State: PUBLISHED

Threat ID: 69a857c5d1a09e29cb48ad42

Added to database: 3/4/2026, 4:03:17 PM

Last enriched: 3/4/2026, 4:17:42 PM

Last updated: 3/4/2026, 5:41:43 PM
