PT-2023-27110 · Renault · Renault Easy Link Multimedia System
Published
2023-08-24
·
Updated
2023-08-29
·
CVE-2023-39801
CVSS v3.1
4.6
Medium
| Vector | AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Renault Easy Link Multimedia System Software version 283C35519R
Description
The issue is related to a lack of exception handling in the software, allowing attackers to cause a Denial of Service (DoS) by supplying crafted WMA files when connecting a device to the vehicle's USB plug and play feature.
Recommendations
For Renault Easy Link Multimedia System Software version 283C35519R, consider disabling the USB plug and play feature until a patch is available to prevent potential Denial of Service (DoS) attacks via crafted WMA files.
Exploit
Fix
Improper Handling of Exceptional Conditions
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Renault Easy Link Multimedia System