CVE-2021-23907

An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. The count in MultiSvGet, GetAttributes, and MultiSvSet is not checked in the HiQnet Protocol, leading to remote code execution.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:mercedes-benz:headunit_ntg6_mercedes-benz_user_experience:2021:*:*:*:*:*:*:*
OR cpe:2.3:h:mercedes-benz:a_220:-:*:*:*:*:*:*:*
cpe:2.3:h:mercedes-benz:a_220_4matic:-:*:*:*:*:*:*:*
cpe:2.3:h:mercedes-benz:e_350:-:*:*:*:*:*:*:*
cpe:2.3:h:mercedes-benz:e_350_4matic:-:*:*:*:*:*:*:*
cpe:2.3:h:mercedes-benz:eqc:-:*:*:*:*:*:*:*
cpe:2.3:h:mercedes-benz:gle_350:-:*:*:*:*:*:*:*
cpe:2.3:h:mercedes-benz:gle_350_4matic:-:*:*:*:*:*:*:*

Information

Published : 2021-05-13 12:15

Updated : 2022-02-24 11:27


NVD link : CVE-2021-23907

Mitre link : CVE-2021-23907


JSON object : View

Advertisement

dedicated server usa

Products Affected

mercedes-benz

  • gle_350_4matic
  • headunit_ntg6_mercedes-benz_user_experience
  • e_350
  • eqc
  • e_350_4matic
  • a_220_4matic
  • gle_350
  • a_220