CVE-2018-9320

Опубликовано: 31 мая 2018

Источник: nvd

CVSS3: 7.8

CVSS2: 7.2

EPSS Низкий

Описание

The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows a local attack when a USB device is plugged in.

Ссылки

http://www.securityfocus.com/bid/104258
Third Party Advisory
VDB Entry
https://keenlab.tencent.com/en/Experimental_Security_Assessment_of_BMW_Cars_by_KeenLab.pdf
Exploit
Third Party Advisory
https://www.theregister.co.uk/2018/05/23/bmw_security_bugs/
Third Party Advisory
http://www.securityfocus.com/bid/104258
Third Party Advisory
VDB Entry
https://keenlab.tencent.com/en/Experimental_Security_Assessment_of_BMW_Cars_by_KeenLab.pdf
Exploit
Third Party Advisory
https://www.theregister.co.uk/2018/05/23/bmw_security_bugs/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:bmw:head_unit_hu_nbt_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:bmw:head_unit_hu_nbt:-:*:*:*:*:*:*:*

EPSS

Процентиль: 20%

0.00065

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-693

Связанные уязвимости

GHSA-23cx-vh2c-742x