EUVD-2023-30069

Malicious code in bioql PyPI...

EUVD-2023-30068

Malicious code in bioql PyPI...

EUVD-2023-30070

Malicious code in bioql PyPI...

CVE-2023-26244

An issue was discovered in the Hyundai Gen5WL in-vehicle infotainment system AEEPEEUR.S5WL001.001.211214. The AppDMClient binary file, which is used during the firmware installation process, can be modified by an attacker to bypass the digital signature check of AppUpgrade and .lge.upgrade.xml...

CVE-2023-26246

An issue was discovered in the Hyundai Gen5WL in-vehicle infotainment system AEEPEEUR.S5WL001.001.211214. The AppUpgrade binary file, which is used during the firmware installation process, can be modified by an attacker to bypass the digital signature check. This indirectly allows an attacker to...

CVE-2023-26245

An issue was discovered in the Hyundai Gen5WL in-vehicle infotainment system AEEPEEUR.S5WL001.001.211214. The AppUpgrade binary file, which is used during the firmware installation process, can be modified by an attacker to bypass the version check in order to install any firmware version e.g.,...

CVE-2023-26243

An issue was discovered in the Hyundai Gen5WL in-vehicle infotainment system AEEPEEUR.S5WL001.001.211214. The decryption binary used to decrypt firmware files has an information leak that allows an attacker to read the AES key and initialization vector from memory. An attacker may exploit this to...

Design/Logic Flaw

An issue was discovered in the Hyundai Gen5WL in-vehicle infotainment system AEEPEEUR.S5WL001.001.211214. The decryption binary used to decrypt firmware files has an information leak that allows an attacker to read the AES key and initialization vector from memory. An attacker may exploit this to...

Design/Logic Flaw

An issue was discovered in the Hyundai Gen5WL in-vehicle infotainment system AEEPEEUR.S5WL001.001.211214. The AppDMClient binary file, which is used during the firmware installation process, can be modified by an attacker to bypass the digital signature check of AppUpgrade and .lge.upgrade.xml...

Input validation

An issue was discovered in the Hyundai Gen5WL in-vehicle infotainment system AEEPEEUR.S5WL001.001.211214. The AppUpgrade binary file, which is used during the firmware installation process, can be modified by an attacker to bypass the version check in order to install any firmware version e.g.,...

Design/Logic Flaw

An issue was discovered in the Hyundai Gen5WL in-vehicle infotainment system AEEPEEUR.S5WL001.001.211214. The AppUpgrade binary file, which is used during the firmware installation process, can be modified by an attacker to bypass the digital signature check. This indirectly allows an attacker to...

CVE-2023-26245

Hyundai Gen5W_L in-vehicle infotainment system (AE_E_PE_EUR.S5W_L001.001.211214) is affected. The AppUpgrade binary used during firmware installation can be modified by an attacker to bypass the version check, enabling installation of arbitrary firmware versions (newer, older, or customized) and ...

CVE-2023-26246

The CVE-2023-26246 issue affects Hyundai Gen5W_L in-vehicle infotainment systems AE_E_PE_EUR.S5W_L001.001.211214. The AppUpgrade binary used during firmware installation can be modified to bypass the digital signature check, enabling an attacker to install custom firmware on the IVI system. This ...

CVE-2023-26246

An issue was discovered in the Hyundai Gen5WL in-vehicle infotainment system AEEPEEUR.S5WL001.001.211214. The AppUpgrade binary file, which is used during the firmware installation process, can be modified by an attacker to bypass the digital signature check. This indirectly allows an attacker to...

CVE-2023-26243

An issue was discovered in the Hyundai Gen5WL in-vehicle infotainment system AEEPEEUR.S5WL001.001.211214. The decryption binary used to decrypt firmware files has an information leak that allows an attacker to read the AES key and initialization vector from memory. An attacker may exploit this to...

Hyundai Gen5W_L 安全漏洞

Hyundai Gen5WL is an automotive standard navigation infotainment system from Hyundai, South Korea. A security vulnerability exists in the Hyundai Gen5WL, which stems from an information leakage vulnerability that allows an attacker to read AES keys and initialization vectors from memory, which...

CVE-2023-26243

CVE-2023-26243 affects Hyundai Gen5W_L IVI system (AE_E_PE_EUR.S5W_L001.001.211214). The decryption binary used to decrypt firmware files leaks information, allowing read access to the AES key and initialization vector from memory. An attacker could use this to craft and install custom firmware o...

Hyundai Gen5W_L 安全漏洞

The Hyundai Gen5WL is an automotive standard navigation infotainment system from Hyundai, South Korea. The Hyundai Gen5WL suffers from a security vulnerability that originates from an attacker being able to modify the AppDMClient binary file used during the firmware installation process to bypass...

Hyundai Gen5W_L 安全漏洞

Hyundai Gen5WL is an automotive standard navigation infotainment system from Hyundai, South Korea. The Hyundai Gen5WL suffers from a security vulnerability that arises from the fact that the AppUpgrade binary file used during firmware installation can be modified by an attacker to bypass version...

CVE-2023-26244

CVE-2023-26244 affects Hyundai Gen5W_L in-vehicle infotainment. The issue: attacker can modify the AppDMClient binary used during firmware installation to bypass the digital signature check of AppUpgrade and .lge.upgrade.xml, enabling use of a custom AppUpgrade/.lge.upgrade.xml during updates. Ro...