CVE-2023-34401 in Head-Unit NTG6
الملخص
بحسب MITRE • 14/02/2025
Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Inside profile folder there is a file, which is encoded with proprietary UD2 codec. Due to missed size checks in the enapsulate file, attacker can achieve Out-of-Bound Read in heap memory.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.