CVE-2017-9647

Name of the Vulnerable Software and Affected Versions Infineon S-Gold 2 (PMB 8876) chipset versions used in various vehicle models produced between 2009-2016

Description A Stack-Based Buffer Overflow issue was discovered in the Continental AG Infineon S-Gold 2 (PMB 8876) chipset. This issue allows an attacker with a physical connection to the TCU to exploit a buffer overflow condition that exists in the processing of AT commands, potentially enabling arbitrary code execution on the baseband radio processor of the TCU.

Recommendations For the Infineon S-Gold 2 (PMB 8876) chipset used in the affected vehicle models, consider restricting physical access to the TCU to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.