Lucene search

K

Volkswagen Security Vulnerabilities

cve
cve

CVE-2024-5684

An attacker with access to the private network (the charger is connected to) or local access to the Ethernet-Interface can exploit a faulty implementation of the JWT-library in order to bypass the password authentication to the web configuration interface and then has full access as the user would....

8.8CVSS

7.5AI Score

0.001EPSS

2024-06-06 01:15 PM
36
cve
cve

CVE-2023-6073

Attacker can perform a Denial of Service attack to crash the ICAS 3 IVI ECU in a Volkswagen ID.3 (and other vehicles of the VW Group with the same hardware) and spoof volume setting commands to irreversibly turn on audio volume to maximum via REST API...

6.3CVSS

6.3AI Score

0.0004EPSS

2023-11-10 08:15 AM
37
cve
cve

CVE-2018-1170

This vulnerability allows adjacent attackers to inject arbitrary Controller Area Network messages on vulnerable installations of Volkswagen Customer-Link App 1.30 and HTC Customer-Link Bridge. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

8.8CVSS

8.5AI Score

0.002EPSS

2018-03-02 01:29 AM
31