3 matches found
Design/Logic Flaw
Attacker can perform a Denial of Service attack to crash the ICAS 3 IVI ECU in a Volkswagen ID.3 and other vehicles of the VW Group with the same hardware and spoof volume setting commands to irreversibly turn on audio volume to maximum via REST API calls...
CVE-2023-6073
CVE-2023-6073 affects the Volkswagen ID.3 ICAS 3 IVI ECU. Affected component: ICAS 3 IVI ECU in VW Group vehicles with the same hardware. Description provided across sources states that an attacker can perform a Denial of Service to crash the ICAS 3 IVI ECU and spoof REST API volume commands to i...
vw-group.pl Cross Site Scripting vulnerability OBB-2847815
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...