
20 matches found

RedhatCVE
added 2026/02/16 1:25 p.m. | 8 views

CVE-2025-32060

The system suffers from the absence of a kernel module signature verification. If an attacker can execute commands on behalf of root user due to additional vulnerabilities, then he/she is also able to load custom kernel modules to the kernel space and execute code in the kernel context. Such a fl...

CVSS 6.7 | AI score 5.9 | EPSS 0.00112
Exploits: 0 | References: 1
RedhatCVE
added 2026/02/16 1:25 p.m. | 4 views

CVE-2025-32063

There is a misconfiguration vulnerability inside the Infotainment ECU manufactured by BOSCH. The vulnerability happens during the startup phase of a specific systemd service, and as a result, the following developer features will be activated: the disabled firewall and the launched SSH server...

CVSS 6.8 | AI score 5.5 | EPSS 0.00232
Exploits: 0 | References: 1
NVD
added 2026/02/15 11:15 a.m. | 8 views

CVE-2025-32063

There is a misconfiguration vulnerability inside the Infotainment ECU manufactured by BOSCH. The vulnerability happens during the startup phase of a specific systemd service, and as a result, the following developer features will be activated: the disabled firewall and the launched SSH server...

CVSS 6.8 | EPSS 0.00232
Exploits: 0 | References: 3
NVD
added 2026/02/15 11:15 a.m. | 7 views

CVE-2025-32059

The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow when receiving a specific packet on th...

CVSS 8.8 | EPSS 0.00379
Exploits: 0 | References: 3
Cvelist
added 2026/02/15 10:48 a.m. | 29 views

CVE-2025-32063 Enabling SSH server on Infotainment ECU

There is a misconfiguration vulnerability inside the Infotainment ECU manufactured by BOSCH. The vulnerability happens during the startup phase of a specific systemd service, and as a result, the following developer features will be activated: the disabled firewall and the launched SSH server...

CVSS 6.8 | EPSS 0.00232
Exploits: 0 | References: 3
Vulnrichment
added 2026/02/15 10:48 a.m. | 4 views

CVE-2025-32063 Enabling SSH server on Infotainment ECU

There is a misconfiguration vulnerability inside the Infotainment ECU manufactured by BOSCH. The vulnerability happens during the startup phase of a specific systemd service, and as a result, the following developer features will be activated: the disabled firewall and the launched SSH server...

CVSS 6.8 | AI score 5.5 | EPSS 0.00232
Exploits: 0 | References: 3
CVE
added 2026/02/15 10:48 a.m. | 29 views

CVE-2025-32063

CVE-2025-32063 describes a misconfiguration in the Bosch Infotainment ECU. During startup of a specific systemd service, developer features are activated: firewall can be disabled and an SSH server is started. Identified on Nissan Leaf ZE1 (2020). CVSSv3.1 base score 6.8 (MEDIUM) with physical ac...

CVSS 6.8 | AI score 5.5 | EPSS 0.00232
Exploits: 0 | References: 3
EUVD
added 2026/02/15 10:47 a.m. | 9 views

EUVD-2025-206905

The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow when receiving a specific packet on th...

CVSS 8.8 | AI score 7 | EPSS 0.00379
Exploits: 0 | References: 3
Cvelist
added 2026/02/15 10:47 a.m. | 30 views

CVE-2025-32061 Stack Buffer Overflow leading to RCE in Bluetooth stack of Infotainment ECU

The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow when receiving a specific packet on th...

CVSS 8.8 | EPSS 0.00379
Exploits: 0 | References: 3
EUVD
added 2026/02/15 10:47 a.m. | 7 views

EUVD-2025-206903

The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow when receiving a specific packet on th...

CVSS 8.8 | AI score 7 | EPSS 0.00379
Exploits: 0 | References: 3
Vulnrichment
added 2026/02/15 10:47 a.m. | 7 views

CVE-2025-32061 Stack Buffer Overflow leading to RCE in Bluetooth stack of Infotainment ECU

The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow when receiving a specific packet on th...

CVSS 8.8 | AI score 6.9 | EPSS 0.00379
Exploits: 0 | References: 3
EUVD
added 2026/02/15 10:46 a.m. | 7 views

EUVD-2025-206906

The system suffers from the absence of a kernel module signature verification. If an attacker can execute commands on behalf of root user due to additional vulnerabilities, then he/she is also able to load custom kernel modules to the kernel space and execute code in the kernel context. Such a fl...

CVSS 6.7 | AI score 5.9 | EPSS 0.00112
Exploits: 0 | References: 3
Cvelist
added 2026/02/15 10:46 a.m. | 30 views

CVE-2025-32060 Absence of Kernel Module Signature Verification on Linux System of Infotainment ECU

The system suffers from the absence of a kernel module signature verification. If an attacker can execute commands on behalf of root user due to additional vulnerabilities, then he/she is also able to load custom kernel modules to the kernel space and execute code in the kernel context. Such a fl...

CVSS 6.7 | EPSS 0.00112
Exploits: 0 | References: 3
EUVD
added 2026/02/15 10:45 a.m. | 8 views

EUVD-2025-206904

The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow when receiving a specific packet on th...

CVSS 8.8 | AI score 7 | EPSS 0.00379
Exploits: 0 | References: 3
CVE
added 2026/02/15 10:44 a.m. | 81 views

CVE-2025-32058

Summary: CVE-2025-32058 affects Bosch Infotainment ECU using a RH850 module for CAN communication. A vulnerability in processing requests for a custom protocol over the INC interface (on the RH850 side) can let an attacker who already has code execution on the infotainment main SoC execute code o...

CVSS 9.3 | AI score 6.3 | EPSS 0.00159
Exploits: 0 | References: 3
RedhatCVE
added 2026/01/23 9:15 p.m. | 7 views

CVE-2025-32057

The Infotainment ECU manufactured by Bosch which is installed in Nissan Leaf ZE1 – 2020 uses a Redbend service for over-the-air provisioning and updates. HTTPS is used for communication with the back-end server. Due to usage of the default configuration for the underlying SSL engine, the server...

CVSS 6.5 | AI score 5.5 | EPSS 0.00291
Exploits: 0 | References: 1
RedhatCVE
added 2026/01/23 3:22 p.m. | 6 views

CVE-2025-32056

The anti-theft protection mechanism can be bypassed by attackers due to weak response generation algorithms for the head unit. It is possible to reveal all 32 corresponding responses by sniffing CAN traffic or by pre-calculating the values, which allows the protection to be bypassed. First identified o...

CVSS 4 | AI score 6.1 | EPSS 0.00318
Exploits: 0 | References: 1
CVE
added 2026/01/22 3:22 p.m. | 49 views

CVE-2025-32057

The CVE-2025-32057 entry concerns the Bosch Infotainment ECU in Nissan Leaf ZE1 (2020). The vulnerability arises from using a Redbend OTA service with HTTPS where the SSL engine uses a default configuration, resulting in server root certificate verification being disabled. This can allow an attac...

CVSS 6.5 | AI score 5.5 | EPSS 0.00291
Exploits: 0 | References: 3
ATTACKERKB
added 2026/01/22 3:21 p.m. | 3 views

CVE-2025-32056

The anti-theft protection mechanism can be bypassed by attackers due to weak response generation algorithms for the head unit. It is possible to reveal all 32 corresponding responses by sniffing CAN traffic or by pre-calculating the values, which allows the protection to be bypassed. First identified o...

CVSS 4 | AI score 5.5 | EPSS 0.00318
Exploits: 0 | References: 4 | Affected Software: 1
Vulnrichment
added 2026/01/22 3:21 p.m. | 5 views

CVE-2025-32056 Anti-Theft Bypass for Infotainment ECU

The anti-theft protection mechanism can be bypassed by attackers due to weak response generation algorithms for the head unit. It is possible to reveal all 32 corresponding responses by sniffing CAN traffic or by pre-calculating the values, which allows the protection to be bypassed. First identified o...

CVSS 4 | AI score 5.6 | EPSS 0.00318
Exploits: 0 | References: 3