Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Head Unit Denial-of-Service via Apple CarPlay service
Vulnerability Description
The Real-Time Streaming Protocol implementation in the MIB3 infotainment incorrectly handles requests to /logs URI, when the id parameter equals to zero. This issue allows an attacker connected to the in-vehicle Wi-Fi network to cause denial-of-service of the infotainment system, when the certain preconditions are met. Vulnerability discovered on Škoda Superb III (3V3) - 2.0 TDI manufactured in 2022.
CVSS Information
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
参数问题
Vulnerability Title
Skoda 安全漏洞
Vulnerability Description
Skoda是Skoda公司的一系列汽车。 Skoda Superb III (3V3) 2.0 TDI版本存在安全漏洞,该漏洞源于Real-Time Streaming Protocol没有正确处理对/logs URI的请求,导致攻击者可以对infotainment system发起拒绝服务(DOS)攻击。
CVSS Information
N/A
Vulnerability Type
N/A