Lucene search
+L

33 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-32518

Malicious code in bioql PyPI...

5.3CVSS5.7AI score0.00231EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-32517

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00312EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-32515

Malicious code in bioql PyPI...

6.8CVSS7.6AI score0.00313EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-32516

Malicious code in bioql PyPI...

3.3CVSS4.5AI score0.0014EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:30 a.m.7 views

CVE-2023-28896

Access to critical Unified Diagnostics Services UDS of the Modular Infotainment Platform 3 MIB3 infotainment is transmitted via Controller Area Network CAN bus in a form that can be easily decoded by attackers with physical access to the vehicle. Vulnerability discovered on Škoda Superb III 3V3 -...

3.3CVSS6.7AI score0.0014EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:51 a.m.9 views

CVE-2023-28895

The password for access to the debugging console of the PoWer Controller chip PWC of the MIB3 infotainment is hard-coded in the firmware. The console allows attackers with physical access to the MIB3 unit to gain full control over the PWC chip. Vulnerability found on Škoda Superb III 3V3 - 2.0 TD...

6.8CVSS7.1AI score0.00313EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:51 a.m.6 views

CVE-2023-28897

The secret value used for access to critical UDS services of the MIB3 infotainment is hardcoded in the firmware. Vulnerability discovered on Škoda Superb III 3V3 - 2.0 TDI manufactured in 2022...

9.8CVSS7AI score0.00312EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:50 a.m.7 views

CVE-2023-28898

The Real-Time Streaming Protocol implementation in the MIB3 infotainment incorrectly handles requests to /logs URI, when the id parameter equals to zero. This issue allows an attacker connected to the in-vehicle Wi-Fi network to cause denial-of-service of the infotainment system, when the certain...

5.3CVSS6.8AI score0.00231EPSS
Exploits0References1
NVD
NVD
added 2024/01/12 4:15 p.m.34 views

CVE-2023-28897

The secret value used for access to critical UDS services of the MIB3 infotainment is hardcoded in the firmware. Vulnerability discovered on Škoda Superb III 3V3 - 2.0 TDI manufactured in 2022...

9.8CVSS5.7AI score0.00312EPSS
Exploits0References1
Prion
Prion
added 2024/01/12 4:15 p.m.13 views

Design/Logic Flaw

The Real-Time Streaming Protocol implementation in the MIB3 infotainment incorrectly handles requests to /logs URI, when the id parameter equals to zero. This issue allows an attacker connected to the in-vehicle Wi-Fi network to cause denial-of-service of the infotainment system, when the certain...

1.8CVSS7.1AI score0.00231EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2024/01/12 4:15 p.m.15 views

Hardcoded credentials

The secret value used for access to critical UDS services of the MIB3 infotainment is hardcoded in the firmware. Vulnerability discovered on Škoda Superb III 3V3 - 2.0 TDI manufactured in 2022...

7.5CVSS7.2AI score0.00312EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/01/12 4:4 p.m.57 views

CVE-2023-28898

The CVE-2023-28898 issue involves the Real-Time Streaming Protocol (RTSP) in the MIB3 infotainment system of the Škoda Superb III (3V3) 2.0 TDI (2022). The RTSP implementation improperly handles requests to the /logs URI when the id parameter is zero, enabling a connected attacker on the in-vehic...

5.3CVSS5.2AI score0.00231EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/12 4:4 p.m.37 views

CVE-2023-28898 Head Unit Denial-of-Service via Apple CarPlay service

The Real-Time Streaming Protocol implementation in the MIB3 infotainment incorrectly handles requests to /logs URI, when the id parameter equals to zero. This issue allows an attacker connected to the in-vehicle Wi-Fi network to cause denial-of-service of the infotainment system, when the certain...

5.3CVSS5.5AI score0.00231EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/01/12 4:4 p.m.20 views

CVE-2023-28898 Head Unit Denial-of-Service via Apple CarPlay service

The Real-Time Streaming Protocol implementation in the MIB3 infotainment incorrectly handles requests to /logs URI, when the id parameter equals to zero. This issue allows an attacker connected to the in-vehicle Wi-Fi network to cause denial-of-service of the infotainment system, when the certain...

5.3CVSS6.8AI score0.00231EPSS
Exploits0References1
CVE
CVE
added 2024/01/12 3:55 p.m.53 views

CVE-2023-28897

CVE-2023-28897 affects Škoda MIB3 infotainment. The vulnerability stems from a hardcoded secret value used to access critical UDS services, impacting Škoda Superb III (3V3) 2.0 TDI (2022). According to NVD, CVSSv3.1 base score 9.8 (Network, high impact on confidentiality, integrity, availability)...

9.8CVSS9.3AI score0.00312EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/12 3:55 p.m.2 views

CVE-2023-28897 Hard-coded password for UDS services

The secret value used for access to critical UDS services of the MIB3 infotainment is hardcoded in the firmware. Vulnerability discovered on Škoda Superb III 3V3 - 2.0 TDI manufactured in 2022...

4CVSS7.2AI score0.00312EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/12 3:55 p.m.35 views

CVE-2023-28897 Hard-coded password for UDS services

The secret value used for access to critical UDS services of the MIB3 infotainment is hardcoded in the firmware. Vulnerability discovered on Škoda Superb III 3V3 - 2.0 TDI manufactured in 2022...

4CVSS9.7AI score0.00312EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/01/12 12:0 a.m.4 views

Škoda Modular Infotainment Platform 3 Trust Management Issues Vulnerability

Škoda Modular Infotainment Platform 3 MIB3 is a modular infotainment platform from the Czech company Škoda. A security vulnerability exists in the Škoda Modular Infotainment Platform 3 MIB3 infotainment that stems from the use of hard-coded secret values...

9.8CVSS6.8AI score0.00312EPSS
Exploits0References2
NVD
NVD
added 2023/12/01 2:15 p.m.20 views

CVE-2023-28896

Access to critical Unified Diagnostics Services UDS of the Modular Infotainment Platform 3 MIB3 infotainment is transmitted via Controller Area Network CAN bus in a form that can be easily decoded by attackers with physical access to the vehicle. Vulnerability discovered on Škoda Superb III 3V3 -...

3.3CVSS0.0014EPSS
Exploits0References1
NVD
NVD
added 2023/12/01 2:15 p.m.27 views

CVE-2023-28895

The password for access to the debugging console of the PoWer Controller chip PWC of the MIB3 infotainment is hard-coded in the firmware. The console allows attackers with physical access to the MIB3 unit to gain full control over the PWC chip. Vulnerability found on Škoda Superb III 3V3 - 2.0 TD...

6.8CVSS0.00313EPSS
Exploits0References1
Rows per page
Query Builder