Vulnerabilities > CVE-2023-28899 - Unspecified vulnerability in Skoda-Auto Superb 3 Firmware

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

skoda-auto

NVD

Published: 2024-01-12

Updated: 2024-10-25

Summary

By sending a specific reset UDS request via OBDII port of Skoda vehicles, it is possible to cause vehicle engine shutdown and denial of service of other vehicle components even when the vehicle is moving at a high speed. No safety critical functions affected.

Vulnerable Configurations

Part	Description	Count
OS	Skoda-Auto Skoda Auto Superb 3 Firmware -	1
Hardware	Skoda-Auto Skoda Auto Superb 3 -	1

References

https://asrg.io/security-advisories/cve-2023-28899