Vulnerabilities > VW > ID Charger Connect Firmware > spr3.52
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-06 | CVE-2024-5684 | Insufficient Verification of Data Authenticity vulnerability in VW products An attacker with access to the private network (the charger is connected to) or local access to the Ethernet-Interface can exploit a faulty implementation of the JWT-library in order to bypass the password authentication to the web configuration interface and then has full access as the user would have. | 8.8 |