CVE-2023-34399

CRITICAL

9.8

Beschreibung

Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Some values of this table are serialized archive according boost library. The version of boost library contains vulnerability integer overflow.

CVE Details

CVSS v3.1 Bewertung9.8

SchweregradCRITICAL

CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AngriffsvektorNETWORK

KomplexitatLOW

Erforderliche PrivilegienNONE

BenutzerinteraktionNONE

Veroffentlicht2/13/2025

Zuletzt geandert6/27/2025

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

mercedes-benz:headunit_ntg6_mercedes-benz_user_experience

Schwachen (CWE)

CWE-190

Referenzen

https://securelist.com/mercedes-benz-head-unit-security-research/115218/(cve@mitre.org)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.