Описание
An Cleartext Storage of Sensitive Information issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow a remote attacker to access an encryption key that is stored in cleartext in memory.
Ссылки
- Third Party AdvisoryVDB Entry
- MitigationThird Party AdvisoryUS Government Resource
- Third Party AdvisoryVDB Entry
- MitigationThird Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:gm:shanghai_onstar:7.1:*:*:*:*:iphone_os:*:*
EPSS
Процентиль: 36%
0.00154
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-312
CWE-312
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
An Cleartext Storage of Sensitive Information issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow a remote attacker to access an encryption key that is stored in cleartext in memory.
EPSS
Процентиль: 36%
0.00154
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-312
CWE-312