5 matches found
Mercedes-Benz NTG 安全漏洞
Mercedes-Benz NTG is an automobile from Mercedes-Benz Germany. A security vulnerability exists in Mercedes-Benz NTG 6 that originates from a heap buffer overflow in the User-Data import/export function. An attacker exploiting this vulnerability could cause the User-Data service to crash...
CVE-2023-26243
An issue was discovered in the Hyundai Gen5WL in-vehicle infotainment system AEEPEEUR.S5WL001.001.211214. The decryption binary used to decrypt firmware files has an information leak that allows an attacker to read the AES key and initialization vector from memory. An attacker may exploit this to...
CVE-2023-26244
CVE-2023-26244 affects Hyundai Gen5W_L in-vehicle infotainment. The issue: attacker can modify the AppDMClient binary used during firmware installation to bypass the digital signature check of AppUpgrade and .lge.upgrade.xml, enabling use of a custom AppUpgrade/.lge.upgrade.xml during updates. Ro...
CVE-2023-26243
CVE-2023-26243 affects Hyundai Gen5W_L IVI system (AE_E_PE_EUR.S5W_L001.001.211214). The decryption binary used to decrypt firmware files leaks information, allowing read access to the AES key and initialization vector from memory. An attacker could use this to craft and install custom firmware o...
CVE-2023-26246
An issue was discovered in the Hyundai Gen5WL in-vehicle infotainment system AEEPEEUR.S5WL001.001.211214. The AppUpgrade binary file, which is used during the firmware installation process, can be modified by an attacker to bypass the digital signature check. This indirectly allows an attacker to...