CVE-2023-28908

Name of the Vulnerable Software and Affected Versions: MIB3 infotainment (affected versions not specified)

Description: A specific flaw exists within the Bluetooth stack of the MIB3 infotainment, resulting from the lack of proper validation of user-supplied data. This can cause an integer overflow when receiving non-fragmented HCI packets on a channel. The issue was originally discovered in a Skoda Superb III car with an MIB3 infotainment unit OEM part number 3V0035820.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.