Joynext Mib3 Infotainment Unit
4 CVEs affecting Joynext Mib3 Infotainment Unit. Latest disclosed: 2024-01-12. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-28898 | Medium | 5.3 | 2024-01-12 | The Real-Time Streaming Protocol implementation in the MIB3 infotainment incorrectly handles requests to /logs URI, when the id parameter equals to zero. This… |
CVE-2023-28897 | Medium | 4.0 | 2024-01-12 | The secret value used for access to critical UDS services of the MIB3 infotainment is hardcoded in the firmware. Vulnerability discovered on Škoda Superb III… |
CVE-2023-28895 | Low | 3.5 | 2023-12-01 | The password for access to the debugging console of the PoWer Controller chip (PWC) of the MIB3 infotainment is hard-coded in the firmware. The console allows… |
CVE-2023-28896 | Low | 3.3 | 2023-12-01 | Access to critical Unified Diagnostics Services (UDS) of the Modular Infotainment Platform 3 (MIB3) infotainment is transmitted via Controller Area Network (CA… |