Skoda-auto Superb_3_firmware
3 CVEs affecting Skoda-auto Superb_3_firmware. Latest disclosed: 2024-01-12. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-28898 | Medium | 5.3 | 2024-01-12 | The Real-Time Streaming Protocol implementation in the MIB3 infotainment incorrectly handles requests to /logs URI, when the id parameter equals to zero. This… |
CVE-2023-28899 | Medium | 4.7 | 2024-01-12 | By sending a specific reset UDS request via OBDII port of Skoda vehicles, it is possible to cause vehicle engine shutdown and denial of service of other vehicl… |
CVE-2023-28897 | Medium | 4.0 | 2024-01-12 | The secret value used for access to critical UDS services of the MIB3 infotainment is hardcoded in the firmware. Vulnerability discovered on Škoda Superb III… |