CVE-2018-18070

Name of the Vulnerable Software and Affected Versions Daimler Mercedes-Benz COMAND versions 17/13.0 50.12

Description An issue was discovered in Daimler Mercedes-Benz COMAND where defining or receiving a specific navigation route might cause the system to freeze and reboot after a few transmissions. When the system next starts, it tries to re-calculate the route, which will cause a boot loop. Under certain circumstances, it is possible to quickly overwrite the malicious route to regain the stability of the system.

Recommendations For Daimler Mercedes-Benz COMAND version 17/13.0 50.12, as a temporary workaround, consider avoiding the use of specific navigation routes that may cause the system to freeze and reboot, and try to quickly overwrite the malicious route to regain stability when the issue occurs. At the moment, there is no information about a newer version that contains a fix for this vulnerability.