CVE-2023-29113

Name of the Vulnerable Software and Affected Versions: MIB3 infotainment unit (affected versions not specified)

Description: The MIB3 infotainment unit used in Skoda and Volkswagen vehicles lacks privilege separation for its proprietary inter-process communication mechanism. This allows attackers with system presence to bypass access control restrictions at the operating system level. The issue was initially found in a Skoda Superb III car with a specific MIB3 infotainment unit.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.