CVE-2023-28903

{"id": "CVE-2023-28903", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "cve@asrg.io", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 1.8}]}, "published": "2025-06-28T16:15:22.087", "references": [{"url": "https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2/", "source": "cve@asrg.io"}, {"url": "https://i.blackhat.com/EU-24/Presentations/EU-24-Parnishchev-OverTheAirVW.pdf", "source": "cve@asrg.io"}, {"url": "https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-vw-mib3-infotainment-2", "source": "cve@asrg.io"}, {"url": "https://i.blackhat.com/EU-24/Presentations/EU-24-Parnishchev-OverTheAirVW.pdf", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "cve@asrg.io", "description": [{"lang": "en", "value": "CWE-190"}]}], "descriptions": [{"lang": "en", "value": "An integer overflow in the image processing binary of the MIB3 infotainment unit allows an attacker with local access to the vehicle to cause a denial-of-service of the infotainment system."}, {"lang": "es", "value": "Un desbordamiento de entero en el binario de procesamiento de im\u00e1genes de la unidad de infoentretenimiento MIB3 permite que un atacante con acceso local al veh\u00edculo provoque una denegaci\u00f3n de servicio del sistema de infoentretenimiento."}], "lastModified": "2025-06-30T20:15:23.040", "sourceIdentifier": "cve@asrg.io"}