PT-2024-34515 · Kia · Kia Seltos

Nitinronge91 · Published 2024-11-22 · Updated 2025-01-13 · CVE-2024-51073

CVSS v3.1: 6.7 (Medium)
Vector: AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H

Name of the Vulnerable Software and Affected Versions: KIA Seltos vehicle instrument cluster version 1.0
Description: An issue in the KIA Seltos vehicle instrument cluster allows attackers to control or disrupt CAN communication between the instrument cluster and the CAN bus. The findings are disputed by the supplier due to the potentially unrealistic test environment and because the observed behavior follows the UDS specification.
Recommendations: For KIA Seltos vehicle instrument cluster version 1.0, consider restricting access to the CAN bus to minimize the risk of exploitation until a patch or official fix is available from the supplier. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

CVE-2024-51073

Affected Products

Kia Seltos