2 matches found
CVE-2025-32057
The CVE-2025-32057 entry concerns the Bosch Infotainment ECU in Nissan Leaf ZE1 (2020). The vulnerability arises from using a Redbend OTA service with HTTPS where the SSL engine uses a default configuration, resulting in server root certificate verification being disabled. This can allow an attac...
CVE-2025-32057 Misconfigured SSL/TLS communication of Redbend service for Infotainment ECU
The Infotainment ECU manufactured by Bosch which is installed in Nissan Leaf ZE1 – 2020 uses a Redbend service for over-the-air provisioning and updates. HTTPS is used for communication with the back-end server. Due to usage of the default configuration for the underlying SSL engine, the server...