Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
This vulnerability allows adjacent attackers to inject arbitrary Controller Area Network messages on vulnerable installations of Volkswagen Customer-Link App 1.30 and HTC Customer-Link Bridge. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Customer-Link App and Customer-Link Bridge. The issue results from the lack of a proper protection mechanism against unauthorized firmware updates. An attacker can leverage this vulnerability to inject CAN messages. Was ZDI-CAN-5264.
CVSS Information
N/A
Vulnerability Type
保护机制失效
Vulnerability Title
Volkswagen Customer-Link App和HTC Customer-Link Bridge 安全漏洞
Vulnerability Description
Volkswagen Customer-Link App是德国大众(Volkswagen)汽车公司的一款用于监控车辆状态的移动应用程序。HTC Customer-Link Bridge是德国大众(Volkswagen)汽车公司和HTC公司的共同发布的一款物联网设备,用于监控车辆信息并提供其他路面信息。 Volkswagen Customer-Link App 1.30版本和HTC Customer-Link Bridge中存在安全漏洞,该漏洞程序没有采用正确的保护机制,来防止未授权的固件更新。攻击者可利用
CVSS Information
N/A
Vulnerability Type
N/A