CVE-2023-28905
Awaiting Analysis
Awaiting Analysis - Queue
BaseFortify
Publication date: 2025-06-28
Last updated on: 2025-06-30
Assigner: Automotive Security Research Group (ASRG)
Description
Description
A heap buffer overflow in the image processing binary of the MIB3 infotainment unit allows an attacker to execute arbitrary code on it.
The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-122 | A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc(). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a heap buffer overflow in the image processing binary of the MIB3 infotainment unit used in certain vehicles. It allows an attacker to execute arbitrary code on the infotainment system by exploiting this overflow.
How can this vulnerability impact me? :
An attacker exploiting this vulnerability could execute arbitrary code on the MIB3 infotainment unit, potentially compromising the system's integrity, causing denial of service, or gaining unauthorized control over the infotainment system.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70