An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. A type confusion issue affects MultiSvSetAttributes in the HiQnet Protocol, leading to remote code execution.
References
Link | Resource |
---|---|
https://keenlab.tencent.com/en/2021/05/12/Tencent-Security-Keen-Lab-Experimental-Security-Assessment-on-Mercedes-Benz-Cars/ | Third Party Advisory |
https://keenlab.tencent.com/en/whitepapers/Mercedes_Benz_Security_Research_Report_Final.pdf | Exploit Third Party Advisory |
https://media.daimler.com/marsMediaSite/en/instance/ko.xhtml?oid=49946866 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-05-13T18:57:21
Updated: 2021-05-13T18:57:21
Reserved: 2021-01-12T00:00:00
Link: CVE-2021-23908
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-05-13T19:15:07.830
Modified: 2021-12-10T18:09:47.833
Link: CVE-2021-23908
JSON object: View
Redhat Information
No data.
CWE