216.73.217.86

CVE-2024-37603

· Published 13/02/2025 23:15 · Modified 18/02/2025 14:15

Labels: CVE-2024-37603 2025-02-13CVE-2024-37603CWE-843[email protected]

Essential information

Published
13/02/2025 23:15
Modified
18/02/2025 14:15
Author
Creator
CVSS
4.6 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS metrics

Description

An issue was discovered in Mercedes Benz NTG (New Telematics Generation) 6. A possible type confusion exists in the user data import/export function of NTG 6 head units. To perform this attack, local access to the USB interface of the car is needed. With prepared data, an attacker can cause the User-Data service to fail. The failed service instance will restart automatically.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References