Lucene search

K
nvd[email protected]NVD:CVE-2024-51074
HistoryNov 22, 2024 - 4:15 p.m.

CVE-2024-51074

2024-11-2216:15:33
web.nvd.nist.gov
3
access control
odometer
kia seltos
software vulnerability

CVSS3

6.7

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H

EPSS

0

Percentile

10.4%

Incorrect access control in KIA Seltos vehicle instrument cluster with software and hardware v1.0 allows attackers to arbitrarily change odometer readings in the vehicle by targeting the instrument cluster through the unsecured CAN network.

CVSS3

6.7

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H

EPSS

0

Percentile

10.4%

Related for NVD:CVE-2024-51074