← voltar
CVE-2023-28905

Heap buffer overflow in picserver

CVSS 8 HIGHEPSS 0.4%CWE-122
A heap buffer overflow in the image processing binary of the MIB3 infotainment unit allows an attacker to execute arbitrary code on it. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources.
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Produtos afetados
Preh Car Connect GmbH (JOYNEXT GmbH) · Volkswagen MIB3 infotainment system MIB3 OI MQB

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2/https://i.blackhat.com/EU-24/Presentations/EU-24-Parnishchev-OverTheAirVW.pdfhttps://pcacybersecurity.com/resources/advisory/vulnerabilities-in-vw-mib3-infotainment-2