Lucene search
K

41 matches found

NVD
NVD
added 2026/05/29 2:16 p.m.19 views

CVE-2026-49316

Expected behavior violation in the in-vehicle network of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker to bypass the motorcycle's anti-theft shutdown by forcing the Wireless Control Module WCM into the CAN bus-off state. Using a well-known CAN...

4.6CVSS0.00181EPSS
Exploits0References1
NVD
NVD
added 2026/05/29 1:16 p.m.17 views

CVE-2026-49323

Weak authentication between the Wireless Control Module WCM and the Engine Control Module ECM of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker with read access to the in-vehicle network to recover the per-vehicle ECM immobilizer secret by passively...

4.3CVSS0.00107EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/29 12:39 p.m.9 views

CVE-2026-49316

Expected behavior violation in the in-vehicle network of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker to bypass the motorcycle's anti-theft shutdown by forcing the Wireless Control Module WCM into the CAN bus-off state. Using a well-known CAN...

4.6CVSS5.8AI score0.00181EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/29 12:32 p.m.36 views

CVE-2026-49324 Indian Scout Bobber 2025 WCM brute-force

Uncontrolled resource consumption in the Wireless Control Module WCM of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker with write access to the in-vehicle network to permanently immobilize the motorcycle. The WCM enforces a brute-force lockout on the...

4.6CVSS0.00174EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/29 12:31 p.m.36 views

CVE-2026-49323 Indian Scout Bobber 2025 WCM-to-ECM weak authentication

Weak authentication between the Wireless Control Module WCM and the Engine Control Module ECM of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker with read access to the in-vehicle network to recover the per-vehicle ECM immobilizer secret by passively...

4.3CVSS0.00107EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.13 views

PT-2026-44850

Name of the Vulnerable Software and Affected Versions Indian Motorcycle Scout Bobber + Tech 2025 model year Description An expected behavior violation in the in-vehicle network allows an adjacent-network attacker to bypass the anti-theft shutdown. By using a CAN error-frame injection technique...

4.6CVSS5.8AI score0.00181EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.8 views

Automotive Grade Linux agl-service-can-low-level 安全漏洞

Automotive Grade Linux agl-service-can-low-level is an in-vehicle communication service component from Automotive Grade Linux, Inc. A security vulnerability exists in Automotive Grade Linux agl-service-can-low-level, which stems from a stack buffer overflow in the senddiagnosticrequest function i...

7.5CVSS6.3AI score0.00314EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/10/29 12:0 a.m.5 views

From ECU to VSOC: UDS Security Monitoring Strategies

Increasing complexity and connectivity of modern vehicles have heightened their vulnerability to cyberattacks. This paper addresses security challenges associated with the Unified Diagnostic Services UDS protocol, a critical communication framework for vehicle diagnostics in the automotive...

6.8AI score
Exploits0
RedHat Linux
RedHat Linux
added 2025/10/21 3:29 a.m.8 views

Moderate: Red Hat Security Advisory: Automotive bug fix and enhancement update

An update for gstreamer1, gstreamer1-plugins-bad-free, gstreamer1-plugins-ugly-free, and gstreamer1-rtsp-server is now available for Red Hat In-Vehicle-OS version 1.0.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System...

8.8CVSS7.1AI score0.01565EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-30070

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00333EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/09/15 12:0 a.m.4 views

Positron PX360BT 安全漏洞

Positron PX360BT is an in-vehicle multimedia device from the Brazilian company Positron. A security vulnerability exists in the Positron PX360BT that stems from a failure to properly implement a rolling code security mechanism, which could lead to a replay attack...

6.8CVSS6.8AI score0.00266EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/09/12 12:0 a.m.2 views

Audi UTR 2.0 安全漏洞

Audi UTR 2.0 is an in-vehicle car recording system from Audi Germany. A security vulnerability exists in Audi UTR 2.0, which originates from improper access control of the FTP protocol, which allows an attacker to authenticate using any combination of username and password...

9.1CVSS6.7AI score0.00335EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/09/12 12:0 a.m.3 views

Audi UTR 2.0 安全漏洞

Audi UTR 2.0 is an in-vehicle car recording system from Audi Germany. A security vulnerability exists in Audi UTR 2.0, which stems from a specially crafted PUT request that can lead to arbitrary file overwrites...

7.5CVSS6.8AI score0.00298EPSS
Exploits1References2
CVE
CVE
added 2025/08/09 12:42 p.m.15 views

CVE-2025-7020

CVE-2025-7020 affects BYD DiLink 3.0 OS (e.g., ATTO3) on the In-Vehicle Infotainment storage. The issue is an incorrect encryption implementation in the system log dump feature, introduced in a patch intended to fix CVE-2024-54728. A attacker with physical access can bypass log-dump encryption an...

5.1CVSS6.5AI score0.00138EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/06/12 12:0 a.m.3 views

GOLIATH: a Decentralized Framework for Data Collection in Intelligent Transportation Systems

Intelligent Transportation Systems ITSs technology has advanced during the past years, and it is now used for several applications that require vehicles to exchange real-time data, such as in traffic information management. Traditionally, road traffic information has been collected using on-site...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/06 12:0 a.m.6 views

SDN-Based False Data Detection with Its Mitigation and Machine Learning Robustness for In-Vehicle Networks

As the development of autonomous and connected vehicles advances, the complexity of modern vehicles increases, with numerous Electronic Control Units ECUs integrated into the system. In an in-vehicle network, these ECUs communicate with one another using an standard protocol called Controller Are...

7.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:50 a.m.7 views

CVE-2023-28898

The Real-Time Streaming Protocol implementation in the MIB3 infotainment incorrectly handles requests to /logs URI, when the id parameter equals to zero. This issue allows an attacker connected to the in-vehicle Wi-Fi network to cause denial-of-service of the infotainment system, when the certain...

5.3CVSS6.8AI score0.00231EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/05/15 12:0 a.m.6 views

A Survey of Learning-Based Intrusion Detection Systems for In-Vehicle Network

Connected and Autonomous Vehicles CAVs enhance mobility but face cybersecurity threats, particularly through the insecure Controller Area Network CAN bus. Cyberattacks can have devastating consequences in connected vehicles, including the loss of control over critical systems, necessitating robus...

7.3AI score
Exploits0
CNNVD
CNNVD
added 2024/09/23 12:0 a.m.4 views

Sony XAV-AX5500 安全漏洞

The SONY XAV-AX5500 is a 7-inch in-vehicle center console with a wide range of functions and advanced technical features. A code execution vulnerability exists in the SONY XAV-AX5500 that stems from a lack of proper validation of software update packages and can be exploited by an attacker to...

6.8CVSS7.9AI score0.01761EPSS
Exploits2References4
Malwarebytes
Malwarebytes
added 2024/09/13 4:9 p.m.5 views

Ford wants to eavesdrop on passenger conversations to help target ads

Car manufacturer Ford Motor Company has filed a patent application for an in-vehicle advertisement presentation system based on information derived from several trip and driver characteristics. Among those characteristics—human conversations. In the abstract of the patent application publication...

7.1AI score
Exploits0
Rows per page
Query Builder