16.01.2023

CVSS 4.6 - MEDIUM

Attack vector

PHYSICAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

low complexity

renault

NVD

Published: 2023-08-03

Updated: 2023-12-12

Summary

Renault Zoe EV 2021 automotive infotainment system versions 283C35202R to 283C35519R (builds 11.10.2021 to 16.01.2023) allows attackers to crash the infotainment system by sending arbitrary USB data via a USB device.

Vulnerable Configurations

Part	Description	Count
OS	Renault Renault ZOE EV 2021 Firmware 11.10.2021 Renault ZOE EV 2021 Firmware 16.01.2023	2
Hardware	Renault Renault ZOE EV 2021 -	1

References

https://blog.jhyeon.dev/posts/vuln/202307/renault-zoe/
https://nvd.nist.gov/vuln/detail/CVE-2023-39075
https://blog.dhjeong.kr/posts/vuln/202307/renault-zoe/
https://blog.dhjeong.kr/posts/automotive/2023/12/how-to-fuzzing-realcars/