Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-23907 | 1 Mercedes-benz | 8 A 220, A 220 4matic, E 350 and 5 more | 2022-02-24 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. The count in MultiSvGet, GetAttributes, and MultiSvSet is not checked in the HiQnet Protocol, leading to remote code execution. | |||||
CVE-2021-23908 | 1 Mercedes-benz | 8 A 220, A 220 4matic, E 350 and 5 more | 2021-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. A type confusion issue affects MultiSvSetAttributes in the HiQnet Protocol, leading to remote code execution. | |||||
CVE-2021-23910 | 1 Mercedes-benz | 8 A 220, A 220 4matic, E 350 and 5 more | 2021-05-25 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in HERMES 2.1 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. There is an out-of-bounds array access in RemoteDiagnosisApp. | |||||
CVE-2021-23909 | 1 Mercedes-benz | 8 A 220, A 220 4matic, E 350 and 5 more | 2021-05-25 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in HERMES 2.1 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. The SH2 MCU allows remote code execution. | |||||
CVE-2021-23906 | 1 Mercedes-benz | 8 A 220, A 220 4matic, E 350 and 5 more | 2021-05-25 | 2.1 LOW | 6.8 MEDIUM |
An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. A Message Length is not checked in the HiQnet Protocol, leading to remote code execution. |