MidnightBSD

Advisories for hyundaiusa

CVE-2017-6052 MEDIUM

A Man-in-the-Middle issue was discovered in Hyundai Motor America Blue Link 3.9.5 and 3.9.4. Communication channel endpoints are not verified, which may allow a remote attacker to access or influence communications between the identified endpoints.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-300,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
hyundaiusa blue_link 3.9.4
hyundaiusa blue_link 3.9.5
CVE-2017-6054 MEDIUM

A Use of Hard-Coded Cryptographic Key issue was discovered in Hyundai Motor America Blue Link 3.9.5 and 3.9.4. The application uses a hard-coded decryption password to protect sensitive user information.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-321,CWE-798,

Products Affected

Vendor Product Version
hyundaiusa blue_link 3.9.4
hyundaiusa blue_link 3.9.5