Vulnerabilities > CVE-2023-23590 - Unspecified vulnerability in Mercedes-Benz Xentry Retail Data Storage Firmware 7.8.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
Mercedes-Benz XENTRY Retail Data Storage 7.8.1 allows remote attackers to cause a denial of service (device restart) via an unauthenticated API request. The attacker must be on the same network as the device.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 1 | |
Hardware | 1 |
References
- https://b2bconnect.mercedes-benz.com/gb/workshop-solutions/diagnosis/retail-data-storage
- https://b2bconnect.mercedes-benz.com/gb/workshop-solutions/diagnosis/retail-data-storage
- https://medium.com/%40windsormoreira/xentry-retail-data-storage-v7-8-1-denial-of-service-cve-2023-23590-60b65f5fa358
- https://medium.com/%40windsormoreira/xentry-retail-data-storage-v7-8-1-denial-of-service-cve-2023-23590-60b65f5fa358