Vulnerabilities > CVE-2019-19560 - Insecure Storage of Sensitive Information vulnerability in Harman Hermes 1.5
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
An authentication bypass in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker with physical access to device hardware to obtain system information.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
References
- https://media.daimler.com/marsMediaSite/en/instance/ko/Mercedes-Benz-and-360-Group-to-join-forces-Mercedes-Benz-and-360-Group-with-its-Cyber-Security-Brain-work-together-to-strengthen-car-IT-security-for-industry.xhtml?oid=45208829
- https://skygo.360.cn/archive/Security-Research-Report-on-Mercedes-Benz-Cars-en.pdf