CVE-2023-34398

Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Some values of this table are serialized archive according boost library. The boost library contains a vulnerability/null pointer dereference...

CVE-2023-34404

CVE-2023-34404 affects the Mercedes‑Benz head‑unit NTG6. Public analyses describe an attack surface exposed by internal network access (Ethernet test pins on the Base Board) enabling a crafted port call to registered services in the router, which can lead to command injection via the GCF/MoCCA/Ne...

CVE-2023-34400

Summary (CVE-2023-34400): Mercedes-Benz head-unit NTG6 has a vulnerability in its USB-based import/export of profile settings. The parser may attempt to convert a header inside the imported file to a null-terminated string, and if a required character is missing, a null pointer is returned, poten...

PT-2025-1231 · Mercedes Benz · Mercedes-Benz Head-Unit Ntg6

Name of the Vulnerable Software and Affected Versions: Mercedes-Benz head-unit NTG6 affected versions not specified Description: The issue is related to the import or export of profile settings over USB in the Mercedes-Benz head-unit NTG6. Some values are serialized using the boost library, which...