2 matches found
CVE-2023-28912
The CVE-2023-28912 issue affects the VW/Skoda MIB3 infotainment unit (notably in Skoda Superb III with OEM part 3V0035820). The root cause is storing the synchronized phone contact book in clear text, enabling an attacker with system code execution privileges or physical access to exfiltrate vehi...
CVE-2023-28912 Cleartext Phonebook Information
The MIB3 unit stores the synchronized phone contact book in clear-text, allowing an attacker with either code execution privilege on the system or physical access to the system to obtain vehicle owner's contact data. The vulnerability was originally discovered in Skoda Superb III car with MIB3...