Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-9322 | 1 Bmw | 2 Head Unit Hu Nbt, Head Unit Hu Nbt Firmware | 2018-06-29 | 7.2 HIGH | 7.8 HIGH |
| The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows local attacks involving the USB or OBD-II interface. An attacker can bypass the code-signing protection mechanism for firmware updates, and consequently obtain a root shell. | |||||
| CVE-2018-9312 | 1 Bmw | 2 Head Unit Hu Nbt, Head Unit Hu Nbt Firmware | 2018-06-29 | 7.2 HIGH | 7.8 HIGH |
| The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows a local attack when a USB device is plugged in. | |||||
| CVE-2018-9313 | 1 Bmw | 2 Head Unit Hu Nbt, Head Unit Hu Nbt Firmware | 2018-06-29 | 5.7 MEDIUM | 5.3 MEDIUM |
| The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows a remote attack via Bluetooth when in pairing mode, leading to a Head Unit reboot. | |||||
| CVE-2018-9320 | 1 Bmw | 2 Head Unit Hu Nbt, Head Unit Hu Nbt Firmware | 2018-06-29 | 7.2 HIGH | 7.8 HIGH |
| The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows a local attack when a USB device is plugged in. | |||||
| CVE-2018-9314 | 1 Bmw | 2 Head Unit Hu Nbt, Head Unit Hu Nbt Firmware | 2018-06-29 | 7.2 HIGH | 6.8 MEDIUM |
| The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows an attack by an attacker who has direct physical access. | |||||