CNNVD-202506-3638 Information
CNNVD ID
CNNVD-202506-3638
Related CVE
- CNNVD Published: 2025-06-28
Description (Chinese)
Volkswagen MIB3 Infotainment是德国大众汽车(Volkswagen)公司的一款汽车上的信息娱乐系统。 Volkswagen MIB3 Infotainment存在安全漏洞,该漏洞源于蓝牙栈中缺乏对用户提供数据的适当验证,可能导致接收非分段HCI数据包时发生整数溢出。
Description (English)
Volkswagen MIB3 Information is an information and entertainment system in a car owned by Volkswagen. Volkswagen MIB3 Information has a security loophole, which stems from the lack of proper validation of data provided by users in the Bluetooth Dam, which may result in an integer spill when a non-sub-sub-section HCI package is received.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
大众汽车
Published
2025-06-28
Last Modified
2026-02-24
References
https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2/ https://i.blackhat.com/EU-24/Presentations/EU-24-Parnishchev-OverTheAirVW.pdf https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-vw-mib3-infotainment-2 https://access.redhat.com/security/cve/cve-2023-28908
Patch
https://www.volkswagen.co.uk/en.html
Share on: