PT-2023-24988 · Volkswagen · Volkswagen Discover Media Infotainment System
Published
2023-06-16
·
Updated
2023-06-26
·
CVE-2023-34733
CVSS v3.1
6.8
Medium
| Vector | AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Volkswagen Discover Media Infotainment System Software version 0876
Description
A lack of exception handling in the software allows attackers to cause a Denial of Service (DoS) via supplying crafted media files when connecting a device to the vehicle's USB plug and play feature.
Recommendations
For version 0876, consider disabling the USB plug and play feature until a patch is available to prevent potential Denial of Service (DoS) attacks. Restrict access to the infotainment system to minimize the risk of exploitation. Avoid using the USB feature with untrusted devices to reduce the risk of supplying crafted media files.
Exploit
Fix
Improper Check for Exceptional Conditions
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Volkswagen Discover Media Infotainment System