159 matches found
Kenwood DMX958XR 操作系统命令注入漏洞
The Kenwood DMX958XR is an in-car infotainment system from Kenwood. The Kenwood DMX958XR suffers from a command injection vulnerability that can be exploited by an attacker to execute code in a root context...
Kenwood DMX958XR 操作系统命令注入漏洞
The Kenwood DMX958XR is an in-car infotainment system from Kenwood. The Kenwood DMX958XR suffers from a command injection vulnerability that can be exploited by an attacker to execute code in a root context...
PT-2025-29082
Name of the Vulnerable Software and Affected Versions: OpenSynergy BlueSDK versions through 6.x Description: The OpenSynergy BlueSDK Bluetooth stack contains a flaw due to incorrect handling of a network packet header and an incorrect variable used as a function argument. This can allow a remote...
CVE-2023-28910
A specific flaw exists within the Bluetooth stack of the MIB3 infotainment system. The issue results from the disabled abortion flag eventually leading to bypassing assertion functions. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number...
CVE-2023-28903
An integer overflow in the image processing binary of the MIB3 infotainment unit allows an attacker with local access to the vehicle to cause a denial-of-service of the infotainment system...
Volkswagen MIB3 Infotainment 安全漏洞
Volkswagen MIB3 Infotainment is an infotainment system on a vehicle from Volkswagen Germany. A security vulnerability exists in the Volkswagen MIB3 Infotainment that stems from a lack of memory isolation between CPU cores, which could allow an attacker to compromise the CPU core responsible for C...
Volkswagen MIB3 Infotainment 安全漏洞
Volkswagen MIB3 Infotainment is an infotainment system on a vehicle from Volkswagen Germany. A security vulnerability exists in Volkswagen MIB3 Infotainment that stems from a lack of privilege separation in a proprietary inter-process communication mechanism, which could allow an attacker to bypa...
Volkswagen MIB3 Infotainment 安全漏洞
Volkswagen MIB3 Infotainment is an infotainment system on a vehicle from Volkswagen Germany. A security vulnerability exists in the Volkswagen MIB3 Infotainment that stems from a lack of proper validation of user-supplied data in the Bluetooth stack, which could result in an integer overflow when...
CVE-2023-26245
An issue was discovered in the Hyundai Gen5WL in-vehicle infotainment system AEEPEEUR.S5WL001.001.211214. The AppUpgrade binary file, which is used during the firmware installation process, can be modified by an attacker to bypass the version check in order to install any firmware version e.g.,...
CVE-2023-28896
Access to critical Unified Diagnostics Services UDS of the Modular Infotainment Platform 3 MIB3 infotainment is transmitted via Controller Area Network CAN bus in a form that can be easily decoded by attackers with physical access to the vehicle. Vulnerability discovered on Škoda Superb III 3V3 -...
CVE-2023-28885
The MyLink infotainment system build 2021.3.26 in General Motors Chevrolet Equinox 2021 vehicles allows attackers to cause a denial of service temporary failure of Media Player functionality via a crafted MP3 file...
CVE-2023-26246
An issue was discovered in the Hyundai Gen5WL in-vehicle infotainment system AEEPEEUR.S5WL001.001.211214. The AppUpgrade binary file, which is used during the firmware installation process, can be modified by an attacker to bypass the digital signature check. This indirectly allows an attacker to...
CVE-2021-23907
An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. The count in MultiSvGet, GetAttributes, and MultiSvSet is not checked in the HiQnet Protocol, leading to remote code execution...
CVE-2021-23908
An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. A type confusion issue affects MultiSvSetAttributes in the HiQnet Protocol, leading to remote code execution...
CVE-2021-23909
An issue was discovered in HERMES 2.1 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. The SH2 MCU allows remote code execution...
CVE-2021-23906
An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. A Message Length is not checked in the HiQnet Protocol, leading to remote code execution...
CVE-2020-28656
The update functionality of the Discover Media infotainment system in Volkswagen Polo 2019 vehicles allows physically proximate attackers to execute arbitrary code because some unsigned parts of a metainfo file are parsed, which can cause attacker-controlled files to be written to the infotainmen...
Mercedes-Benz NTG 安全漏洞
Mercedes-Benz NTG is an automobile from Mercedes-Benz Germany. A security vulnerability exists in Mercedes-Benz NTG 6 that originates from a heap buffer overflow in the User-Data import/export function. An attacker exploiting this vulnerability could cause the User-Data service to crash...
The vulnerability of the import/export function of the UserData service in the Mercedes-Benz MBUX multimedia system allows a perpetrator to trigger a service failure.
The vulnerability of the import/export function of the UserData service in the Mercedes-Benz MBUX multimedia system is related to errors in data type mixing. Exploiting this vulnerability can allow attackers to cause service failures...
CVE-2024-8355
Visteon Infotainment System DeviceManager iAP Serial Number SQL Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Visteon Infotainment system. Authentication is not required to exploit this vulnerability. The...