Vulnerability in Visteon Infotainment
CVE-2024-8356
Visteon Infotainment VIP MCU Code Insufficient Validation of Data Authenticity Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Visteon Infotainment sys…
EPSS: 0.000 (15.3th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.8 (High). Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H.
Affected products
- Visteon Infotainment — versions cmu150_NA_74.00.324A
Weakness classification (CWE)
References
- ZDI-24-1188 (x_research-advisory)
Frequently asked questions
- What is CVE-2024-8356?
- CVE-2024-8356 is a high-severity vulnerability in Visteon Infotainment, classified under Insufficient Verification of Data Authenticity. CVSS score: 8.8/10. Published 2024-11-22.
- How severe is CVE-2024-8356?
- High severity. CVSS v3 base score is 8.8 out of 10.