CVE-2023-28907

Name of the Vulnerable Software and Affected Versions: MIB3 infotainment (affected versions not specified)

Description: The issue is related to the lack of memory isolation between CPU cores of the MIB3 infotainment, allowing an attacker with access to the main operating system to compromise the CPU core responsible for CAN message processing. This was originally discovered in a Skoda Superb III car with an MIB3 infotainment unit.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.