← back
CVE-2023-34399

CVE-2023-34399

CVSS 9.8 CRITICALEPSS 0.7%CWE-190
Vexday Risk Score
28Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 9.8EPSS 0.7%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
13 Feb 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Some values of this table are serialized archive according boost library. The version of boost library contains vulnerability integer overflow.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://securelist.com/mercedes-benz-head-unit-security-research/115218/