A Man-in-the-Middle issue was discovered in Hyundai Motor America Blue Link 3.9.5 and 3.9.4. Communication channel endpoints are not verified, which may allow a remote attacker to access or influence communications between the identified endpoints.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-300,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hyundaiusa | blue_link | 3.9.4 |
| hyundaiusa | blue_link | 3.9.5 |
A Use of Hard-Coded Cryptographic Key issue was discovered in Hyundai Motor America Blue Link 3.9.5 and 3.9.4. The application uses a hard-coded decryption password to protect sensitive user information.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-321,CWE-798,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hyundaiusa | blue_link | 3.9.4 |
| hyundaiusa | blue_link | 3.9.5 |