Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
BYD DiLink OS Incorrect encryption Implementation of system log dumps
Vulnerability Description
An incorrect encryption implementation vulnerability exists in the system log dump feature of BYD's DiLink 3.0 OS (e.g. in the model ATTO3). An attacker with physical access to the vehicle can bypass the encryption of log dumps on the In-Vehicle Infotainment (IVI) unit's storage. This allows the attacker to access and read system logs containing sensitive data, including personally identifiable information (PII) and location data. This vulnerability was introduced in a patch intended to fix CVE-2024-54728.
CVSS Information
N/A
Vulnerability Type
依赖构建于封闭的安全性
Vulnerability Title
BYD DiLink 安全漏洞
Vulnerability Description
BYD DiLink是中国比亚迪(BYD)公司的一套智能网联系统。 BYD DiLink 3.0 OS存在安全漏洞,该漏洞源于系统日志转储功能加密实现不当,可能导致敏感数据泄露。
CVSS Information
N/A
Vulnerability Type
N/A