19 matches found
CVE-2025-59611
Memory corruption in diagnostic services due to absence of input validation...
EUVD-2025-210024
Memory corruption in diagnostic services due to absence of input validation...
CVE-2025-59611
Memory corruption in diagnostic services due to absence of input validation...
CVE-2025-59611
Technical details about CVE-2025-59611 are not publicly available in the provided documents. Monitor for updates on affected products, versions, impact, and remediation.
CVE-2025-59611 Out-of-bounds Write in Core Services
Memory corruption in diagnostic services due to absence of input validation...
CVE-2025-59611 Out-of-bounds Write in Core Services
Memory corruption in diagnostic services due to absence of input validation...
CVE-2025-59611
Memory corruption in diagnostic services due to absence of input validation...
PT-2026-45634
Memory corruption in diagnostic services due to absence of input validation...
CVE-2026-7375
UDS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...
From ECU to VSOC: UDS Security Monitoring Strategies
Increasing complexity and connectivity of modern vehicles have heightened their vulnerability to cyberattacks. This paper addresses security challenges associated with the Unified Diagnostic Services UDS protocol, a critical communication framework for vehicle diagnostics in the automotive...
CVE-2024-51073
An issue in KIA Seltos vehicle instrument cluster with software and hardware v1.0 allows attackers to control or disrupt CAN communication between the instrument cluster and CAN bus. NOTE: this is disputed by the Supplier because the findings came from a potentially unrealistic test environment a...
PT-2024-37557 · Nissan · Nissan Altima Blind Spot Protection Sensor Ecu
Name of the Vulnerable Software and Affected Versions: Nissan Altima 2022 Blind Spot Protection Sensor ECU Description: The issue concerns predictable seed generation in the security access mechanism of UDS in the Blind Spot Protection Sensor ECU. This predictability allows attackers to forecast...
CVE-2023-28897
The secret value used for access to critical UDS services of the MIB3 infotainment is hardcoded in the firmware. Vulnerability discovered on Škoda Superb III 3V3 - 2.0 TDI manufactured in 2022...
Emerson DeltaV Credentials Management Errors (CVE-2014-2350)
Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services, which allows remote attackers to bypass intended access restrictions via a TCP session, as demonstrated by a session that uses the telnet program. This plugin only works with Tenable.ot. Please visit...
CVE-2014-2350
Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services, which allows remote attackers to bypass intended access restrictions via a TCP session, as demonstrated by a session that uses the telnet program...
Hardcoded credentials
Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services, which allows remote attackers to bypass intended access restrictions via a TCP session, as demonstrated by a session that uses the telnet program...
CVE-2014-2350 Emerson DeltaV Use of Hard-coded Credentials
Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services, which allows remote attackers to bypass intended access restrictions via a TCP session, as demonstrated by a session that uses the telnet program...
CVE-2014-2350
Technical details for CVE-2014-2350 are not publicly available in the provided documents; monitor for updates.
PT-2014-1222 · Emerson · Emerson Deltav
Name of the Vulnerable Software and Affected Versions: Emerson DeltaV versions 10.3.1 through 12.3 Description: The issue is related to errors that occur when changing access control rules through the Telnet protocol, allowing an attacker to gain access to applications via Telnet to run commands ...