CVE-2026-49317

Incorrect behavior order in the Infotainment / Digital Round display of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker to bypass the PIN entry screen. The Infotainment uses presence of Wireless Control Module WCM traffic during its boot window as a...

CVE-2026-49318 Indian Scout Bobber 2025 Infotainment Digital Round skips PIN entry when WCM is silent at boot

Incorrect behavior order in the Infotainment / Digital Round display of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker to bypass the PIN entry screen. The Infotainment uses presence of Wireless Control Module WCM traffic during its boot window as a...

CVE-2026-49318

Incorrect behavior order in the Infotainment / Digital Round display of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker to bypass the PIN entry screen. The Infotainment uses presence of Wireless Control Module WCM traffic during its boot window as a...

EUVD-2026-33313

Incorrect behavior order in the Infotainment / Digital Round display of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker to bypass the PIN entry screen. The Infotainment uses presence of Wireless Control Module WCM traffic during its boot window as a...

CVE-2026-49322

The CVE describes weak authentication in the Wireless Control Module (WCM) of the Indian Motorcycle Scout Bobber + Tech 2025 model year. An adjacent-network attacker with read access to the in-vehicle network can recover the user-set unlock PIN by passively observing a single PIN authentication e...

PT-2026-44852

Incorrect behavior order in the Infotainment / Digital Round display of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker to bypass the PIN entry screen. The Infotainment uses presence of Wireless Control Module WCM traffic during its boot window as a...

CVE-2025-69515

The CVE-2025-69515 entry concerns the JXL 9 Inch Car Android Double Din Player on Android v12.0, where an issue enables attackers to spoof GPS signals so the infotainment system accepts falsified positions, reporting an incorrect or static location. The available connected documents confirm the a...

EUVD-2018-20907

Malware in sbrugna...

EUVD-2018-20906

Malware in sbrugna...

Kenwood DMX958XR Command Injection Vulnerability (CNVD-2025-20426)

The Kenwood DMX958XR is an in-car infotainment system from Kenwood. The Kenwood DMX958XR suffers from a command injection vulnerability that can be exploited by an attacker to execute code in a root context...

Kenwood DMX958XR Command Injection Vulnerability (CNVD-2025-20300)

The Kenwood DMX958XR is an in-car infotainment system from Kenwood. The Kenwood DMX958XR suffers from a command injection vulnerability that can be exploited by an attacker to execute code in a root context...

Kenwood DMX958XR 操作系统命令注入漏洞

The Kenwood DMX958XR is an in-car infotainment system from Kenwood. The Kenwood DMX958XR suffers from a command injection vulnerability that can be exploited by an attacker to execute code in a root context...

Kenwood DMX958XR 操作系统命令注入漏洞

The Kenwood DMX958XR is an in-car infotainment system from Kenwood. The Kenwood DMX958XR suffers from a command injection vulnerability that can be exploited by an attacker to execute code in a root context...

PT-2025-27312 · Volkswagen · Mib3

Name of the Vulnerable Software and Affected Versions: MIB3 infotainment affected versions not specified Description: A specific flaw exists within the Bluetooth stack of the MIB3 infotainment, resulting from the lack of proper validation of user-supplied data. This can cause an integer overflow...

PT-2025-27308 · Volkswagen · Mib3

Name of the Vulnerable Software and Affected Versions: MIB3 infotainment unit affected versions not specified Description: A logic flaw in the bootloader component of the MIB3 infotainment unit leads to a RAM buffer overflow, allowing an attacker with physical access to the MIB3 ECU to bypass...

PT-2025-27310 · Volkswagen · Mib3

Name of the Vulnerable Software and Affected Versions: MIB3 infotainment versions affected versions not specified Description: A command injection in the networking service of the MIB3 infotainment allows an attacker already present in the system to escalate privileges and obtain administrative...

CVE-2024-6245

Use of Default Credentials vulnerability in Maruti Suzuki SmartPlay on Linux Infotainment Hub modules allows attacker to try common or default usernames and passwords.The issue was detected on a 2022 Maruti Suzuki Brezza in India Market. This issue affects SmartPlay: 66T0.05.50...

Maruti Suzuki SmartPlay 安全漏洞

Maruti Suzuki SmartPlay is an infotainment system from Maruti Suzuki. A security vulnerability exists in Maruti Suzuki SmartPlay version 66T0.05.50. An attacker could exploit the vulnerability to try commonly used or default usernames and passwords...

(0Day) Visteon Infotainment REFLASH_DDU_ExtractFile Command Injection Remote Code Execution Vulnerability

This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Visteon Infotainment systems. Authentication is not required to exploit this vulnerability. The specific flaw exists within the REFLASHDDUExtractFile function. A crafted software update...

Multiple BMW Head Unit HU_NBT Component Design Vulnerabilities

BMW i Series, etc. are different series of automobile products of BMW Bayerische Motoren Werke AG, Germany.Head Unit HUNBT Infotainment component is a set of infotainment system of the system. A security vulnerability exists in the Head Unit HUNBT component on several BMW vehicles vehicles...