20 matches found
EUVD-2023-38482
Malicious code in bioql PyPI...
EUVD-2025-4907
Malicious code in bioql PyPI...
CVE-2023-34403
Mercedes-Benz head-unit NTG6 has Ethernet pins on Base Board to connect module CSB. Attacker can connect to this pins and get access to internal network. A race condition can be acquired and attacker can spoof “UserData” with desirable file path and access it though backup on USB...
CVE-2023-34404
Mercedes-Benz head-unit NTG6 has Ethernet pins on Base Board to connect module CSB. Attacker can connect to these pins and get access to internal network. As a result, by accessing a specific port an attacker can send call request to all registered services in router and achieve command injection...
CVE-2024-37602
An issue was discovered in Mercedes Benz NTG New Telematics Generation 6 through 2021. A possible NULL pointer dereference in the Apple Car Play function affects NTG 6 head units. To perform this attack, physical access to Ethernet pins of the head unit base board is needed. With a static IP...
CVE-2024-37602
An issue was discovered in Mercedes Benz NTG New Telematics Generation 6 through 2021. A possible NULL pointer dereference in the Apple Car Play function affects NTG 6 head units. To perform this attack, physical access to Ethernet pins of the head unit base board is needed. With a static IP...
CVE-2024-37600
An issue was discovered in Mercedes Benz NTG New Telematics Generation 6 through 2021. A possible stack buffer overflow in the Service Broker service affects NTG 6 head units. To perform this attack, physical access to Ethernet pins of the head unit base board is needed. With a static IP address,...
CVE-2023-34404
Mercedes-Benz head-unit NTG6 has Ethernet pins on Base Board to connect module CSB. Attacker can connect to these pins and get access to internal network. As a result, by accessing a specific port an attacker can send call request to all registered services in router and achieve command injection...
CVE-2023-34403
Mercedes-Benz head-unit NTG6 has Ethernet pins on Base Board to connect module CSB. Attacker can connect to this pins and get access to internal network. A race condition can be acquired and attacker can spoof “UserData” with desirable file path and access it though backup on USB...
CVE-2023-34403
Mercedes-Benz head-unit NTG6 has Ethernet pins on Base Board to connect module CSB. Attacker can connect to this pins and get access to internal network. A race condition can be acquired and attacker can spoof “UserData” with desirable file path and access it though backup on USB...
CVE-2023-34403
Mercedes-Benz head-unit NTG6 has Ethernet pins on Base Board to connect module CSB. Attacker can connect to this pins and get access to internal network. A race condition can be acquired and attacker can spoof “UserData” with desirable file path and access it though backup on USB...
CVE-2024-37602
An issue was discovered in Mercedes Benz NTG New Telematics Generation 6 through 2021. A possible NULL pointer dereference in the Apple Car Play function affects NTG 6 head units. To perform this attack, physical access to Ethernet pins of the head unit base board is needed. With a static IP...
CVE-2023-34404
Mercedes-Benz head-unit NTG6 has Ethernet pins on Base Board to connect module CSB. Attacker can connect to these pins and get access to internal network. As a result, by accessing a specific port an attacker can send call request to all registered services in router and achieve command injection...
CVE-2023-34403
CVE-2023-34403 concerns Mercedes‑Benz head‑unit NTG6. Documented exposure arises from race-condition weaknesses accessed via the Base Board CSB Ethernet interface: an attacker can connect to exposed pins, gain access to the internal network, and potentially spoof the UserData path so that files r...
CVE-2023-34404
CVE-2023-34404 affects the Mercedes‑Benz head‑unit NTG6. Public analyses describe an attack surface exposed by internal network access (Ethernet test pins on the Base Board) enabling a crafted port call to registered services in the router, which can lead to command injection via the GCF/MoCCA/Ne...
CVE-2024-37602
CVE-2024-37602 affects Mercedes-Benz NTG (New Telematics Generation) 6 through 2021 head units. The vulnerability is a NULL pointer dereference in the Apple CarPlay function that can crash the Car Play service. Exploitation requires physical access to Ethernet pins on the head unit base board; wi...
CVE-2023-34404
Mercedes-Benz head-unit NTG6 has Ethernet pins on Base Board to connect module CSB. Attacker can connect to these pins and get access to internal network. As a result, by accessing a specific port an attacker can send call request to all registered services in router and achieve command injection...
CVE-2024-37600
An issue was discovered in Mercedes Benz NTG New Telematics Generation 6 through 2021. A possible stack buffer overflow in the Service Broker service affects NTG 6 head units. To perform this attack, physical access to Ethernet pins of the head unit base board is needed. With a static IP address,...
CVE-2024-37600
CVE-2024-37600 concerns Mercedes-Benz NTG (MBUX) head units (6 through 2021) with a stack buffer overflow in the Service Broker service (MoCCA). Exploitation requires physical access to the head unit’s base-board Ethernet pins and a static IP on the internal network; an attacker can send crafted ...
PT-2025-1230 · Mercedes Benz · Mbux +1
Name of the Vulnerable Software and Affected Versions: Mercedes-Benz head-unit NTG6 Description: The issue is related to the Mercedes-Benz head-unit NTG6, which has Ethernet pins on the Base Board to connect the module CSB. An attacker can connect to these pins and gain access to the internal...