CVE-2023-34397

Mercedes Benz head-unit NTG 6 contains functions to import or export profile settings over USB. During parsing you can trigger that the service will be crashed.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:mercedes-benz:headunit_ntg6_mercedes-benz_user_experience:*:*:*:*:*:*:*:*

History

27 Jun 2025, 16:13

Type Values Removed Values Added
References () https://securelist.com/mercedes-benz-head-unit-security-research/115218/ - () https://securelist.com/mercedes-benz-head-unit-security-research/115218/ - Third Party Advisory
CPE cpe:2.3:a:mercedes-benz:headunit_ntg6_mercedes-benz_user_experience:*:*:*:*:*:*:*:*
First Time Mercedes-benz headunit Ntg6 Mercedes-benz User Experience
Mercedes-benz

24 Mar 2025, 17:15

Type Values Removed Values Added
CWE CWE-400
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5

18 Feb 2025, 18:15

Type Values Removed Values Added
CWE CWE-770
CVSS v2 : unknown
v3 : 7.5
v2 : unknown
v3 : unknown

14 Feb 2025, 17:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
Summary
  • (es) La unidad principal Mercedes Benz NTG 6 contiene funciones para importar o exportar configuraciones de perfil a través de USB. Durante el análisis, puede provocar que el servicio se bloquee.
CWE CWE-770

13 Feb 2025, 22:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-02-13 22:15

Updated : 2025-06-27 16:13


NVD link : CVE-2023-34397

Mitre link : CVE-2023-34397

CVE.ORG link : CVE-2023-34397


JSON object : View

Products Affected

mercedes-benz

  • headunit_ntg6_mercedes-benz_user_experience
CWE
CWE-400

Uncontrolled Resource Consumption