PT-2024-37477 · Maruti Suzuki · Maruti Suzuki Smartplay
Mohammed Shine
·
Published
2024-10-28
·
Updated
2024-11-07
·
CVE-2024-6245
CVSS v3.1
7.4
High
| Vector | AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Maruti Suzuki SmartPlay version 66T0.05.50
Description:
The issue is related to the use of default credentials in Maruti Suzuki SmartPlay on Linux, specifically in Infotainment Hub modules. This allows an attacker to attempt common or default usernames and passwords. The problem was identified in a 2022 Maruti Suzuki Brezza in the India market.
Recommendations:
For version 66T0.05.50, change the default credentials to unique and strong usernames and passwords to prevent unauthorized access. Consider disabling the use of default credentials as a temporary workaround until a more permanent solution is available.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Maruti Suzuki Smartplay