exploitDog

CVE-2023-28885

Опубликовано: 27 мар. 2023

Источник: nvd

CVSS3: 6.8

EPSS Низкий

Описание

The MyLink infotainment system (build 2021.3.26) in General Motors Chevrolet Equinox 2021 vehicles allows attackers to cause a denial of service (temporary failure of Media Player functionality) via a crafted MP3 file.

Ссылки

https://github.com/zj3t/Automotive-vulnerabilities/tree/main/GM/Chevrolet_Equinox2021
https://github.com/zj3t/GM_Vulnerability
Third Party Advisory
https://github.com/zj3t/Automotive-vulnerabilities/tree/main/GM/Chevrolet_Equinox2021
https://github.com/zj3t/GM_Vulnerability
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:gm:mylink_infotainment_system:2021.3.26:*:*:*:*:*:*:*

cpe:2.3:h:gm:chevrolet_equinox:2021:-:*:*:*:*:*:*

EPSS

Процентиль: 16%

0.00052

Низкий

6.8 Medium

CVSS3

Дефекты

CWE-787

CWE-787

Связанные уязвимости

GHSA-cj8x-r7cp-9cjg

CVSS3: 6.8

github

почти 3 года назад

The MyLink infotainment system (build 2021.3.26) in General Motors Chevrolet Equinox 2021 vehicles allows attackers to cause a denial of service (temporary failure of Media Player functionality) via a crafted MP3 file.

EPSS

Процентиль: 16%

0.00052

Низкий

6.8 Medium

CVSS3

Дефекты

CWE-787

CWE-787