Vulnerabilities > BMW

DATE CVE VULNERABILITY TITLE RISK
2018-05-31 CVE-2018-9322 Protection Mechanism Failure vulnerability in BMW Head Unit HU NBT Firmware
The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows local attacks involving the USB or OBD-II interface.
local
low complexity
bmw CWE-693
7.8
7.8
2018-05-31 CVE-2018-9320 Protection Mechanism Failure vulnerability in BMW Head Unit HU NBT Firmware
The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows a local attack when a USB device is plugged in.
local
low complexity
bmw CWE-693
7.8
7.8
2018-05-31 CVE-2018-9318 Protection Mechanism Failure vulnerability in BMW Telematics Control Unit Firmware
The Telematics Control Unit (aka Telematic Communication Box or TCB), when present on BMW vehicles produced in 2012 through 2018, allows a remote attack via a cellular network.
network
low complexity
bmw CWE-693
critical
 9.8
9.8
2018-05-31 CVE-2018-9314 Protection Mechanism Failure vulnerability in BMW Head Unit HU NBT Firmware
The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows an attack by an attacker who has direct physical access.
low complexity
bmw CWE-693
6.8
6.8
2018-05-31 CVE-2018-9313 Protection Mechanism Failure vulnerability in BMW Head Unit HU NBT Firmware
The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows a remote attack via Bluetooth when in pairing mode, leading to a Head Unit reboot.
high complexity
bmw CWE-693
5.3
5.3
2018-05-31 CVE-2018-9312 Protection Mechanism Failure vulnerability in BMW Head Unit HU NBT Firmware
The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows a local attack when a USB device is plugged in.
local
low complexity
bmw CWE-693
7.8
7.8
2018-05-31 CVE-2018-9311 Protection Mechanism Failure vulnerability in BMW Telematics Control Unit Firmware
The Telematics Control Unit (aka Telematic Communication Box or TCB), when present on BMW vehicles produced in 2012 through 2018, allows a remote attack via a cellular network.
network
low complexity
bmw CWE-693
critical
 9.8
9.8