ASRGCVE-2024-6348CVE-2024-6348
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS4
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/SC:L/VI:N/SI:N/VA:N/SA:N/AU:Y/V:D/RE:H
AI Score
Confidence
Low
EPSS
Percentile
37.7%
Predictable seed generation in the security access mechanism of UDS in the Blind Spot Protection Sensor ECU in Nissan Altima (2022) allows attackers to predict the requested seeds and bypass security controls via repeated ECU resets and seed requests.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| nissan-global | blind_spot_protection_sensor_ecu_firmware | - | cpe:2.3:o:nissan-global:blind_spot_protection_sensor_ecu_firmware:-:*:*:*:*:*:*:* |
| nissan-global | altima | 2022 | cpe:2.3:h:nissan-global:altima:2022:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"modules": [
"Blind Spot Protection Sensor"
],
"packageName": "ECU",
"product": "Altima",
"vendor": "Nissan",
"versions": [
{
"status": "unknown",
"version": "Altima 2022"
}
]
}
]References
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS4
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/SC:L/VI:N/SI:N/VA:N/SA:N/AU:Y/V:D/RE:H
AI Score
Confidence
Low
EPSS
Percentile
37.7%