Shanghai Onstar Security Vulnerabilities and Issues — Shanghai Onstar CVE List

Lucene search

GmShanghai Onstar

3 matches found

CVE•added 2018/01/09 9:29 p.m.•40 views

CVE-2017-12695

An Improper Authentication issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow an attacker to subvert security mechanisms and reset a user account password.

8.8CVSS8.2AI score0.00233EPSS

CVE•added 2018/01/09 9:29 p.m.•37 views

CVE-2017-9663

An Cleartext Storage of Sensitive Information issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow a remote attacker to access an encryption key that is stored in cleartext in memory.

7.5CVSS7.1AI score0.00163EPSS

CVE•added 2018/01/09 9:29 p.m.•34 views

CVE-2017-12697

A Man-in-the-Middle issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow an attacker to intercept sensitive information when the client connects to the server.

5.9CVSS5.2AI score0.00196EPSS