CVE-2023-28898

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Jan 12, 2024

Updated: Jan 22, 2024

CWE ID 233

Summary

CVE-2023-28898 is a newly discovered vulnerability affecting the Real-Time Streaming Protocol implementation in the MIB3 infotainment system of Škoda Superb III (3V3) 2.0 TDI vehicles produced in 2022. The issue lies in the way the system handles requests to the /logs URI when the id parameter equals zero. This vulnerability can be exploited by an attacker on the in-vehicle Wi-Fi network, causing a denial-of-service to the infotainment system under specific conditions. The precise implications of this vulnerability for vehicle safety and functionality are yet to be fully understood.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Vendors

Skoda Auto

Advisories, Assessments, and Mitigations

Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future

Note: This is just a basic overview providing quick insights into CVE-2023-28898 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future

Gain complete coverage of your cyber, third party, and physical attack surface
Proactively mitigate threats before they turn into costly attacks
Make fast, effective, data-driven decisions

Book your demo

Sign in

Back to Vulnerability Database