CVE-2023-28911
BaseFortify
Publication date: 2025-06-28
Last updated on: 2025-06-30
Assigner: Automotive Security Research Group (ASRG)
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-20 | The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a flaw in the Bluetooth stack of the MIB3 infotainment system, caused by improper validation of user-supplied data. It allows an attacker to disconnect arbitrary Bluetooth channels, leading to a denial-of-service (DoS) attack affecting all connected clients of the infotainment device.
How can this vulnerability impact me? :
An attacker exploiting this vulnerability can cause a denial-of-service attack on the MIB3 infotainment system's Bluetooth connections, disrupting all connected clients and potentially impairing the functionality of the infotainment system in affected vehicles.