CVE-2023-34401 in Head-Unit NTG6المعلومات

الملخص

بحسب MITRE • 14/02/2025

Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Inside profile folder there is a file, which is encoded with proprietary UD2 codec. Due to missed size checks in the enapsulate file, attacker can achieve Out-of-Bound Read in heap memory.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

مسؤول

MITRE

حجز

05/06/2023

إفشاء

14/02/2025

الاعتدال

تمت الموافقة

إدخال

VDB-295783

EPSS

0.00264

KEV

لا

النشاطات

منخفض جدًا

المصادر

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!