Daimler Schwachstellen

Zeitverlauf

Typ

Produkt

Daimler Mercedes HERMES6
Daimler Mercedes MBUX5
Daimler Mercedes XENTRY Retail Data Storage1
Daimler Mercedes-Benz C Class AMG Premium Plus c22 ...1
Daimler Mercedes Me App1

Massnahmen

Official Fix6
Temporary Fix0
Workaround0
Unavailable2
Not Defined7

Ausnutzbarkeit

High1
Functional1
Proof-of-Concept2
Unproven0
Not Defined11

Zugriffsart

Not Defined0
Physical10
Local2
Adjacent1
Network2

Authentisierung

Not Defined0
High1
Low2
None12

Benutzeraktivität

Not Defined0
Required1
None14

C3BM Index

CVSSv3 Base

≤10
≤20
≤33
≤43
≤53
≤63
≤72
≤81
≤90
≤100

CVSSv3 Temp

≤10
≤20
≤33
≤43
≤54
≤63
≤72
≤80
≤90
≤100

VulDB

≤10
≤23
≤30
≤45
≤52
≤63
≤72
≤80
≤90
≤100

NVD

≤10
≤20
≤33
≤40
≤53
≤61
≤70
≤81
≤91
≤100

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Hersteller

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploit 0-day

<1k13
<2k1
<5k0
<10k0
<25k1
<50k0
<100k0
≥100k0

Exploit heute

<1k15
<2k0
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

Exploitmarktvolumen

🔴 CTI Aktivitäten

Affected Products (6): Mercedes-Benz C Class AMG Premium Plus c220 BlueTec (1), Mercedes Comand (1), Mercedes HERMES (6), Mercedes MBUX (5), Mercedes Me App (1), Mercedes XENTRY Retail Data Storage (1)

VeröffentlichtBaseTempSchwachstelleProdAusMasCTIEPSSCVE
15.01.20235.34.8Daimler Mercedes XENTRY Retail Data Storage API Request reboot Denial of ServiceVehicle SoftwareProof-of-ConceptNot Defined0.070.01055CVE-2023-23590
14.05.20215.35.1Daimler Mercedes MBUX HERMES 2.1 RemoteDiagnosisApp Information DisclosureVehicle SoftwareNot DefinedOfficial Fix0.040.00954CVE-2021-23910
14.05.20216.25.9Daimler Mercedes MBUX HERMES 2.1 Local Privilege EscalationVehicle SoftwareNot DefinedOfficial Fix0.070.05634CVE-2021-23909
14.05.20213.93.8Daimler Mercedes MBUX Headunit NTG6 MultiSvSetAttributes erweiterte RechteVehicle SoftwareNot DefinedOfficial Fix0.040.05634CVE-2021-23908
14.05.20213.93.8Daimler Mercedes MBUX Headunit NTG6 MultiSvSet Local Privilege EscalationVehicle SoftwareNot DefinedOfficial Fix0.050.05634CVE-2021-23907
14.05.20213.93.8Daimler Mercedes MBUX Headunit NTG6 Local Privilege EscalationVehicle SoftwareNot DefinedOfficial Fix0.030.05634CVE-2021-23906
16.11.20202.22.2Daimler Mercedes HERMES Debug Interface Information DisclosureVehicle SoftwareNot DefinedNot Defined0.000.00885CVE-2019-19563
16.11.20204.24.2Daimler Mercedes HERMES schwache AuthentisierungVehicle SoftwareNot DefinedNot Defined0.000.00885CVE-2019-19562
16.11.20202.22.2Daimler Mercedes HERMES Debug Interface Information DisclosureVehicle SoftwareNot DefinedNot Defined0.020.00885CVE-2019-19561
16.11.20204.24.2Daimler Mercedes HERMES Debug Interface schwache AuthentisierungVehicle SoftwareNot DefinedNot Defined0.010.00885CVE-2019-19560

5 weitere Einträge werden nicht mehr angezeigt

Might our Artificial Intelligence support you?

Check our Alexa App!