MidnightBSD

Advisories for vw

CVE-2020-28656 HIGH

The update functionality of the Discover Media infotainment system in Volkswagen Polo 2019 vehicles allows physically proximate attackers to execute arbitrary code because some unsigned parts of a metainfo file are parsed, which can cause attacker-controlled files to be written to the infotainment system and executed as root.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.8 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 0.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-354,

Products Affected

Vendor Product Version
vw polo_firmware 2019
CVE-2023-34733

A lack of exception handling in the Volkswagen Discover Media Infotainment System Software Version 0876 allows attackers to cause a Denial of Service (DoS) via supplying crafted media files when connecting a device to the vehicle's USB plug and play feature.

Products Affected

Vendor Product Version
vw discover_media_infotainment_system 0876
CVE-2024-5684

An attacker with access to the private network (the charger is connected to) or local access to the Ethernet-Interface can exploit a faulty implementation of the JWT-library in order to bypass the password authentication to the web configuration interface and then has full access as the user would have. However, an attacker will not have developer or admin rights. If the implementation of the JWT-library is wrongly configured to accept "none"-algorithms, the server will pass insecure JWT. A local, unauthenticated attacker can exploit this vulnerability to bypass the authentication mechanism.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@asrg.io 6.3 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.8 3.4

Products Affected

Vendor Product Version
vw id.charger_pro_firmware spr3.52
vw id.charger_connect_firmware spr3.2
vw id.charger_connect_firmware spr3.51
vw id.charger_connect_firmware spr3.52
vw id.charger_pro_firmware spr3.51
vw id.charger_pro_firmware spr3.2