Mercedes-benz Headunit_ntg6_mercedes-benz_user_experience
15 CVEs affecting Mercedes-benz Headunit_ntg6_mercedes-benz_user_experience. Latest disclosed: 2025-02-13. Critical: 1, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-34399 | Critical | 9.8 | 2025-02-13 | Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Some values of this table are serialized archive according boost… |
CVE-2023-34402 | High | 7.7 | 2025-02-13 | Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Inside file is encapsulate another file, which service will drop… |
CVE-2023-34400 | High | 7.5 | 2025-02-13 | Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. In case of parsing file, service try to define header inside the… |
CVE-2023-34398 | High | 7.5 | 2025-02-13 | Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Some values of this table are serialized archive according boost… |
CVE-2023-34397 | High | 7.5 | 2025-02-13 | Mercedes Benz head-unit NTG 6 contains functions to import or export profile settings over USB. During parsing you can trigger that the service will be crashed. |
CVE-2024-37600 | Medium | 6.8 | 2025-02-13 | An issue was discovered in Mercedes Benz NTG (New Telematics Generation) 6 through 2021. A possible stack buffer overflow in the Service Broker service affects… |
CVE-2023-34404 | Medium | 4.9 | 2025-02-13 | Mercedes-Benz head-unit NTG6 has Ethernet pins on Base Board to connect module CSB. Attacker can connect to these pins and get access to internal network. As a… |
CVE-2023-34403 | Medium | 4.9 | 2025-02-13 | Mercedes-Benz head-unit NTG6 has Ethernet pins on Base Board to connect module CSB. Attacker can connect to this pins and get access to internal network. A rac… |
CVE-2024-37603 | Medium | 4.6 | 2025-02-13 | An issue was discovered in Mercedes Benz NTG (New Telematics Generation) 6. A possible type confusion exists in the user data import/export function of NTG 6 h… |
CVE-2024-37602 | Medium | 4.6 | 2025-02-13 | An issue was discovered in Mercedes Benz NTG (New Telematics Generation) 6 through 2021. A possible NULL pointer dereference in the Apple Car Play function aff… |
CVE-2024-37601 | Medium | 4.6 | 2025-02-13 | An issue was discovered in Mercedes Benz NTG (New Telematics Generation) 6. A possible heap buffer overflow exists in the user data import/export function of N… |
CVE-2023-34401 | Low | 3.7 | 2025-02-13 | Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Inside profile folder there is a file, which is encoded with pro… |
CVE-2023-34406 | Low | 3.3 | 2025-02-13 | An issue was discovered on Mercedes Benz NTG 6. A possible integer overflow exists in the user data import/export function of NTG (New Telematics Generation) 6… |
CVE-2021-23908 | Low | 2.9 | 2021-05-13 | An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. A type confusion issue affects MultiSvSetA… |
CVE-2021-23907 | Low | 2.9 | 2021-05-13 | An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. The count in MultiSvGet, GetAttributes, an… |