- Description
- Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Inside file is encapsulate another file, which service will drop during processing. Due to missed checks, attacker can achieve Arbitrary File Write with service speech rights.
- Source
- cve@mitre.org
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 7.7
- Impact score
- 5.2
- Exploitability score
- 2.5
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
- Severity
- HIGH
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-787
- Hype score
- Not currently trending
🚨 CVE-2023-34402 🔴 HIGH (7.7) 🏢 Unknown Vendor - Unknown Product 🏗️ Unknown Version 🔗 https://t.co/o5Rr9ipqZP #CyberCron #VulnAlert https://t.co/GUWjnyg3z3
@cybercronai
16 Feb 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2023-34402 Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Inside file is encapsulate another file, which service will drop during… https://t.co/pRV4dXLWx8
@CVEnew
13 Feb 2025
358 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes