CVE-2017-6052

Name of the Vulnerable Software and Affected Versions Hyundai Motor America Blue Link versions 3.9.4 through 3.9.5

Description A Man-in-the-Middle issue was discovered, where communication channel endpoints are not verified. This may allow a remote attacker to access or influence communications between the identified endpoints.

Recommendations For versions 3.9.4 and 3.9.5, consider restricting access to the communication channel until a patch is available. As a temporary workaround, verify the identity of endpoints before establishing communication to minimize the risk of exploitation.