CVE-2023-40728

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Sep 12, 2023

Updated: Sep 14, 2023

CWE ID 922

Summary

CVE-2023-40728 is a newly discovered vulnerability affecting QMS Automotive software (all versions below V12.39). The issue lies within the QMS.Mobile module, where sensitive application data is stored insecurely outside the application. An attacker can exploit this vulnerability to manipulate the content, potentially resulting in arbitrary code execution or causing a denial-of-service condition.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Siemens AG

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sahS0V
https://www.cve.org/CVERecord?id=CVE-2023-40728
https://nvd.nist.gov/vuln/detail/CVE-2023-40728

Back to Vulnerability Database

CVE-2023-40728

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations