Количество 3
Количество 3
CVE-2023-34402
Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Inside file is encapsulate another file, which service will drop during processing. Due to missed checks, attacker can achieve Arbitrary File Write with service speech rights.
GHSA-rcq4-h567-5923
Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Inside file is encapsulate another file, which service will drop during processing. Due to missed checks, attacker can achieve Arbitrary File Write with service speech rights.
BDU:2025-00605
Уязвимость функции UserDataExchangeServiceClient::unpackVoiceTagArchiveOptimized() системы мультимедиа Mercedes-Benz User Experience (MBUX), позволяющая нарушителю повысить свои привилегии и записывать произвольные файлы
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-34402 Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Inside file is encapsulate another file, which service will drop during processing. Due to missed checks, attacker can achieve Arbitrary File Write with service speech rights. | CVSS3: 7.7 | 0% Низкий | 12 месяцев назад |
| GHSA-rcq4-h567-5923 Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Inside file is encapsulate another file, which service will drop during processing. Due to missed checks, attacker can achieve Arbitrary File Write with service speech rights. | CVSS3: 7.7 | 0% Низкий | 12 месяцев назад |
 | BDU:2025-00605 Уязвимость функции UserDataExchangeServiceClient::unpackVoiceTagArchiveOptimized() системы мультимедиа Mercedes-Benz User Experience (MBUX), позволяющая нарушителю повысить свои привилегии и записывать произвольные файлы | CVSS3: 5.5 | 0% Низкий | около 1 года назад |
Уязвимостей на страницу