13.050.12

CVSS 7.1 - HIGH

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

mercedes-benz

CWE-835

NVD

Published: 2018-10-09

Updated: 2021-09-13

Summary

An issue was discovered in Daimler Mercedes-Benz COMAND 17/13.0 50.12 on Mercedes-Benz C-Class 2018 vehicles. Defining or receiving a specific navigation route might cause the system to freeze and reboot after a few transmissions. When the system next starts, it tries to re-calculate the route, which will cause a boot loop. (Under certain circumstances, it is possible to quickly overwrite the malicious route to regain the stability of the system.)

Vulnerable Configurations

Part	Description	Count
OS	Mercedes-Benz Mercedes Benz Comand 17\/13.0_50.12	1
Hardware	Mercedes-Benz Mercedes Benz C Class 2018	1

Common Weakness Enumeration (CWE)

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

References

https://vuldb.com/?id.125080