CNNVD-202601-3815 Information
CNNVD ID
CNNVD-202601-3815
Related CVE
- CNNVD Published: 2026-01-22
Description (Chinese)
Bosch Infotainment ECU是德国Bosch公司的一个车载娱乐系统。 Bosch Infotainment ECU存在安全漏洞,该漏洞源于SSL引擎使用默认配置导致未验证服务器根证书,可能导致攻击者冒充Redbend后端服务器。
Description (English)
Bosch Investment EU is a car-borne entertainment system of the German company Bosch. There is a security loophole in Bosch Information EU, which stems from the default configuration of the SSL engine, which resulted in the unverified server root certificate, and may result in the attackers impersonating Redbend backend servers.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
博世
Published
2026-01-22
Last Modified
2026-02-24
References
http://i.blackhat.com/Asia-25/Asia-25-Evdokimov-Remote-Exploitation-of-Nissan-Leaf.pdf https://www.nissan.co.uk/vehicles/new-vehicles/leaf.html https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-nissan-infotainment-manufactured-by-bosch https://access.redhat.com/security/cve/cve-2025-32057
Patch
https://www.bosch-mobility.com/en/solutions/infotainment/infotainment-systems-coach/
Share on: