EUVD-2017-18578

Malware in sbrugna...

CVE-2025-34251

Tesla Telematics Control Unit TCU firmware prior to v2025.14 contains an authentication bypass vulnerability. The TCU runs the Android Debug Bridge adbd as root and, despite a “lockdown” check that disables adb shell, still permits adb push/pull and adb forward. Because adbd is privileged and the...

PT-2025-40953

Name of the Vulnerable Software and Affected Versions Tesla Telematics Control Unit TCU firmware versions prior to 2025.14 Description The Tesla Telematics Control Unit TCU firmware is susceptible to an authentication bypass. The TCU operates the Android Debug Bridge adbd with root privileges...

tcu-net.de Cross Site Scripting vulnerability OBB-1420937

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

From a TCU to Corporate Domain Admin

How we went from a telematics control unit in a vehicle to domain admin on a corporate network We’ve tested numerous telematics control units over recent years and gathered many of our findings in to some good practice guidance here. However, just occasionally we find something that blows our min...

library-eng.tcu.edu.tw Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-912700 Security Researcher Renzi Helped patch 6742 vulnerabilities Received 8 Coordinated Disclosure badges Received 36 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting library-eng.tcu.edu.tw websit...

CVE-2017-9647

CVE-2017-9647 is a stack-based buffer overflow in Continental AG’s Infineon S-Gold 2 (PMB 8876) cellular baseband used in 2G TCUs. The flaw occurs in processing AT commands and could allow arbitrary code execution on the TCU baseband processor when an attacker has a physical connection to the TCU...

CVE-2017-9647

A Stack-Based Buffer Overflow issue was discovered in the Continental AG Infineon S-Gold 2 PMB 8876 chipset on BMW several models produced between 2009-2010, Ford a limited number of P-HEV vehicles, Infiniti 2013 JX35, Infiniti 2014-2016 QX60, Infiniti 2014-2016 QX60 Hybrid, Infiniti 2014-2015...

Ford, BMW, Infiniti and Nissan TCU presence of a vulnerability, can be remote intrusion-vulnerability warning-the black bar safety net

! Three researchers found that Ford, BMW, Infiniti and Nissan Automatic Transmission Control UnitTCUin the presence of a vulnerability, these TCU are made by Continental AG production. Vulnerability causes The three researchers from McAfee, respectively, is Mickey Shkatov, Jesse, Michael and...

Continental TCU Remote Code Execution Vulnerability

The TCU is a 2G modem commonly used in modern automobiles manufactured by Continental AG for transmitting data that enables communication between the car and remote management tools such as web panels and mobile applications. A remote code execution vulnerability exists in the Continental TCU tha...