512 matches found
CVE-2025-32057 Misconfigured SSL/TLS communication of Redbend service for Infotainment ECU
The Infotainment ECU manufactured by Bosch which is installed in Nissan Leaf ZE1 – 2020 uses a Redbend service for over-the-air provisioning and updates. HTTPS is used for communication with the back-end server. Due to usage of the default configuration for the underlying SSL engine, the server...
CVE-2025-32056
CVE-2025-32056 describes an anti-theft bypass affecting the Nissan Leaf ZE1 infotainment ECU. According to the sources, attackers can bypass the head-unit protection by exploiting weak response generation algorithms and can reveal all 32 possible responses by sniffing CAN traffic or pre-calculati...
CVE-2025-32056 Anti-Theft Bypass for Infotainment ECU
The anti-theft protection mechanism can be bypassed by attackers due to weak response generation algorithms for the head unit. It is possible to reveal all 32 corresponding responses by sniffing CAN traffic or by pre-calculating the values, which allow to bypass the protection. First identified o...
CVE-2025-32056 Anti-Theft Bypass for Infotainment ECU
The anti-theft protection mechanism can be bypassed by attackers due to weak response generation algorithms for the head unit. It is possible to reveal all 32 corresponding responses by sniffing CAN traffic or by pre-calculating the values, which allow to bypass the protection. First identified o...
Bosch Infotainment ECU security vulnerabilities
The Bosch Infotainment ECU is an in-car entertainment system developed by the German company Bosch. There is a security vulnerability in the Bosch Infotainment ECU. This vulnerability arises from the anti-theft protection mechanism, which can be bypassed due to a weak response generation algorith...
Bosch Infotainment ECU security vulnerabilities
The Bosch Infotainment ECU is an in-car entertainment system developed by the German company Bosch. There is a security vulnerability in the Bosch Infotainment ECU. This vulnerability stems from the SSL engine using a default configuration, which results in the server root certificates not being...
CVE-2023-40293
Harman Infotainment 20190525031613 and later allows command injection via unauthenticated RPC with a D-Bus connection object...
God Mode On: how we attacked a vehicle’s head unit modem
Introduction Imagine you're cruising down the highway in your brand-new electric car. All of a sudden, the massive multimedia display fills with Doom, the iconic 3D shooter game. It completely replaces the navigation map or the controls menu, and you realize someone is playing it remotely right...
JXL 9 Inch Car Android Double Din Player 安全漏洞
JXL 9 Inch Car Android Double Din Player is an in-car infotainment system from JXL. A security vulnerability exists in JXL 9 Inch Car Android Double Din Player Android v12.0, which stems from a flaw in the Bluetooth firmware that could lead to a denial of service attack...
Exploit for CVE-2025-63895
JXLInfotainmentCVE-2025-63895 CVE-2025-63895 Attack N...
Exploit for CVE-2025-63895
JXLInfotainment-CVE-2025-63895 CVE-2025-63896 Attack...
JXL 9 Inch Car Android Double Din Player 安全漏洞
JXL 9 Inch Car Android Double Din Player is an in-car infotainment system from JXL. A security vulnerability exists in JXL 9 Inch Car Android Double Din Player version v12.0, which stems from a Bluetooth HID device that is susceptible to arbitrary keystroke injection attacks...
PT-2025-47956
Rooting Tesla's Linux-based infotainment system typically involves exploiting software vulnerabilities, like improper access controls in diagnostic interfaces e.g., CVE-2022-42008. Enthusiasts connect via Ethernet ports, use tools to gain a reverse shell, and set up persistence by modifying...
EUVD-2021-10833
Malware in sbrugna...
EUVD-2021-10830
Malware in sbrugna...
EUVD-2018-20906
Malware in sbrugna...
EUVD-2021-10829
Malware in sbrugna...
EUVD-2020-21054
Malware in sbrugna...
EUVD-2021-10832
Malware in sbrugna...
EUVD-2018-20916
Malware in sbrugna...