5 matches found
CVE-2023-34402
Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Inside file is encapsulate another file, which service will drop during processing. Due to missed checks, attacker can achieve Arbitrary File Write with service speech rights...
CVE-2023-34402
Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Inside file is encapsulate another file, which service will drop during processing. Due to missed checks, attacker can achieve Arbitrary File Write with service speech rights...
CVE-2023-34402
CVE-2023-34402 affects Mercedes‑Benz head‑unit NTG6. The vulnerability arises when importing/exporting profile settings over USB: an embedded file can encapsulate another file and, due to missing checks during processing, allows Arbitrary File Write with the rights of the speech service. Public d...
CVE-2023-34402
Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Inside file is encapsulate another file, which service will drop during processing. Due to missed checks, attacker can achieve Arbitrary File Write with service speech rights...
CVE-2023-34402
Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Inside file is encapsulate another file, which service will drop during processing. Due to missed checks, attacker can achieve Arbitrary File Write with service speech rights...