Lucene search
HistoryAug 19, 2024 - 4:15 p.m.
CVE-2024-6348
cve-2024-6348
security access mechanism
uds
blind spot protection sensor ecu
nissan altima (2022)
predictable seed generation
attackers
bypass security controls
ecu resets
seed requests
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
37.7%
Predictable seed generation in the security access mechanism of UDS in the Blind Spot Protection Sensor ECU in Nissan Altima (2022) allows attackers to predict the requested seeds and bypass security controls via repeated ECU resets and seed requests.
Affected configurations
Node
nissan-globalblind_spot_protection_sensor_ecu_firmwareMatch-
nissan-globalaltimaMatch2022
| Vendor | Product | Version | CPE |
|---|---|---|---|
| nissan-global | blind_spot_protection_sensor_ecu_firmware | - | cpe:2.3:o:nissan-global:blind_spot_protection_sensor_ecu_firmware:-:*:*:*:*:*:*:* |
| nissan-global | altima | 2022 | cpe:2.3:h:nissan-global:altima:2022:*:*:*:*:*:*:* |
References
Related
cvelist
cvelist
CVE-2024-6348 Predictable seed generation after ECU reset
2024-08-19 15:12:25
cve
cve
CVE-2024-6348
2024-08-19 16:15:08
vulnrichment
vulnrichment
CVE-2024-6348 Predictable seed generation after ECU reset
2024-08-19 15:12:25
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
37.7%
Related for NVD:CVE-2024-6348