Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
9 vulnerabilities by bmw
VAR-201708-1401
Vulnerability from variot - Updated: 2023-12-18 13:02A Stack-Based Buffer Overflow issue was discovered in the Continental AG Infineon S-Gold 2 (PMB 8876) chipset on BMW several models produced between 2009-2010, Ford a limited number of P-HEV vehicles, Infiniti 2013 JX35, Infiniti 2014-2016 QX60, Infiniti 2014-2016 QX60 Hybrid, Infiniti 2014-2015 QX50, Infiniti 2014-2015 QX50 Hybrid, Infiniti 2013 M37/M56, Infiniti 2014-2016 Q70, Infiniti 2014-2016 Q70L, Infiniti 2015-2016 Q70 Hybrid, Infiniti 2013 QX56, Infiniti 2014-2016 QX 80, and Nissan 2011-2015 Leaf. An attacker with a physical connection to the TCU may exploit a buffer overflow condition that exists in the processing of AT commands. This may allow arbitrary code execution on the baseband radio processor of the TCU. The TCU is a 2G modem commonly used in modern cars produced by Continental AG to transmit data between cars and remote management tools such as web panels and mobile applications. Continental TCU has a stack buffer overflow vulnerability that affects TCUs using S-Gold 2 (PMB 8876) cellular baseband chips. Continental AG Infineon S-Gold 2 (PMB 8876) is prone to a remote code-execution vulnerability and a stack-based buffer-overflow vulnerability; fixes are available. Failed exploit attempts will likely result in denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-1401",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "s-gold 2 pmb 8876",
"scope": "eq",
"trust": 1.6,
"vendor": "infineon",
"version": null
},
{
"model": "s-gold 2",
"scope": null,
"trust": 0.8,
"vendor": "infineon",
"version": null
},
{
"model": "leaf",
"scope": "eq",
"trust": 0.6,
"vendor": "nissan",
"version": "2011-2015"
},
{
"model": "jx3",
"scope": "eq",
"trust": 0.6,
"vendor": "infiniti",
"version": "2013"
},
{
"model": "qx60",
"scope": "eq",
"trust": 0.6,
"vendor": "infiniti",
"version": "2014-2016"
},
{
"model": "qx60 hybrid",
"scope": "eq",
"trust": 0.6,
"vendor": "infiniti",
"version": "2014-2016"
},
{
"model": "qx50",
"scope": "eq",
"trust": 0.6,
"vendor": "infiniti",
"version": "2014-2015"
},
{
"model": "qx50 hybrid",
"scope": "eq",
"trust": 0.6,
"vendor": "infiniti",
"version": "2014-2015"
},
{
"model": "m37/m56",
"scope": "eq",
"trust": 0.6,
"vendor": "infiniti",
"version": "2013"
},
{
"model": "q70",
"scope": "eq",
"trust": 0.6,
"vendor": "infiniti",
"version": "2014-2016"
},
{
"model": "q70l",
"scope": "eq",
"trust": 0.6,
"vendor": "infiniti",
"version": "2014-2016"
},
{
"model": "q70 hybrid",
"scope": "eq",
"trust": 0.6,
"vendor": "infiniti",
"version": "2015-2016"
},
{
"model": "qx56",
"scope": "eq",
"trust": 0.6,
"vendor": "infiniti",
"version": "2013"
},
{
"model": "qx",
"scope": "eq",
"trust": 0.6,
"vendor": "infiniti",
"version": "2014-201680"
},
{
"model": "produced between",
"scope": "eq",
"trust": 0.6,
"vendor": "bmw",
"version": "2009-2010"
},
{
"model": "p-hev",
"scope": null,
"trust": 0.6,
"vendor": "ford",
"version": null
},
{
"model": "ag nissan leaf",
"scope": "eq",
"trust": 0.3,
"vendor": "continental",
"version": "2011-20150"
},
{
"model": "ag infiniti q70 hybrid",
"scope": "eq",
"trust": 0.3,
"vendor": "continental",
"version": "2015-20160"
},
{
"model": "ag infiniti qx60 hybrid",
"scope": "eq",
"trust": 0.3,
"vendor": "continental",
"version": "2014-20160"
},
{
"model": "ag infiniti qx60",
"scope": "eq",
"trust": 0.3,
"vendor": "continental",
"version": "2014-20160"
},
{
"model": "ag infiniti qx",
"scope": "eq",
"trust": 0.3,
"vendor": "continental",
"version": "2014-2016800"
},
{
"model": "ag infiniti q70l",
"scope": "eq",
"trust": 0.3,
"vendor": "continental",
"version": "2014-20160"
},
{
"model": "ag infiniti q70",
"scope": "eq",
"trust": 0.3,
"vendor": "continental",
"version": "2014-20160"
},
{
"model": "ag infiniti qx50 hybrid",
"scope": "eq",
"trust": 0.3,
"vendor": "continental",
"version": "2014-20150"
},
{
"model": "ag infiniti qx50",
"scope": "eq",
"trust": 0.3,
"vendor": "continental",
"version": "2014-20150"
},
{
"model": "ag infiniti qx56",
"scope": "eq",
"trust": 0.3,
"vendor": "continental",
"version": "20130"
},
{
"model": "ag infiniti m37/m56",
"scope": "eq",
"trust": 0.3,
"vendor": "continental",
"version": "20130"
},
{
"model": "ag infiniti jx35",
"scope": "eq",
"trust": 0.3,
"vendor": "continental",
"version": "20130"
},
{
"model": "ag infineon s-gold (pmb",
"scope": "eq",
"trust": 0.3,
"vendor": "continental",
"version": "28876)0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "s gold 2 pmb 8876",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "3280abc1-3145-4ff6-91eb-0a0d63a93b91"
},
{
"db": "CNVD",
"id": "CNVD-2017-18628"
},
{
"db": "BID",
"id": "100132"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007278"
},
{
"db": "NVD",
"id": "CVE-2017-9647"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-590"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:infineon:s-gold_2_pmb_8876:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-9647"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mickey Shkatov, Jesse Michael, and Oleksandr Bazhaniuk",
"sources": [
{
"db": "BID",
"id": "100132"
}
],
"trust": 0.3
},
"cve": "CVE-2017-9647",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2017-9647",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-18628",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "3280abc1-3145-4ff6-91eb-0a0d63a93b91",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.7,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.6,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-9647",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-9647",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-18628",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201706-590",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "3280abc1-3145-4ff6-91eb-0a0d63a93b91",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "3280abc1-3145-4ff6-91eb-0a0d63a93b91"
},
{
"db": "CNVD",
"id": "CNVD-2017-18628"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007278"
},
{
"db": "NVD",
"id": "CVE-2017-9647"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-590"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A Stack-Based Buffer Overflow issue was discovered in the Continental AG Infineon S-Gold 2 (PMB 8876) chipset on BMW several models produced between 2009-2010, Ford a limited number of P-HEV vehicles, Infiniti 2013 JX35, Infiniti 2014-2016 QX60, Infiniti 2014-2016 QX60 Hybrid, Infiniti 2014-2015 QX50, Infiniti 2014-2015 QX50 Hybrid, Infiniti 2013 M37/M56, Infiniti 2014-2016 Q70, Infiniti 2014-2016 Q70L, Infiniti 2015-2016 Q70 Hybrid, Infiniti 2013 QX56, Infiniti 2014-2016 QX 80, and Nissan 2011-2015 Leaf. An attacker with a physical connection to the TCU may exploit a buffer overflow condition that exists in the processing of AT commands. This may allow arbitrary code execution on the baseband radio processor of the TCU. The TCU is a 2G modem commonly used in modern cars produced by Continental AG to transmit data between cars and remote management tools such as web panels and mobile applications. Continental TCU has a stack buffer overflow vulnerability that affects TCUs using S-Gold 2 (PMB 8876) cellular baseband chips. Continental AG Infineon S-Gold 2 (PMB 8876) is prone to a remote code-execution vulnerability and a stack-based buffer-overflow vulnerability; fixes are available. Failed exploit attempts will likely result in denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-9647"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007278"
},
{
"db": "CNVD",
"id": "CNVD-2017-18628"
},
{
"db": "BID",
"id": "100132"
},
{
"db": "IVD",
"id": "3280abc1-3145-4ff6-91eb-0a0d63a93b91"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-9647",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-17-208-01",
"trust": 3.3
},
{
"db": "BID",
"id": "100132",
"trust": 1.9
},
{
"db": "CNVD",
"id": "CNVD-2017-18628",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201706-590",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007278",
"trust": 0.8
},
{
"db": "IVD",
"id": "3280ABC1-3145-4FF6-91EB-0A0D63A93B91",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "3280abc1-3145-4ff6-91eb-0a0d63a93b91"
},
{
"db": "CNVD",
"id": "CNVD-2017-18628"
},
{
"db": "BID",
"id": "100132"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007278"
},
{
"db": "NVD",
"id": "CVE-2017-9647"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-590"
}
]
},
"id": "VAR-201708-1401",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "3280abc1-3145-4ff6-91eb-0a0d63a93b91"
},
{
"db": "CNVD",
"id": "CNVD-2017-18628"
}
],
"trust": 1.8
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "3280abc1-3145-4ff6-91eb-0a0d63a93b91"
},
{
"db": "CNVD",
"id": "CNVD-2017-18628"
}
]
},
"last_update_date": "2023-12-18T13:02:58.807000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
"trust": 0.8,
"url": "https://www.infineon.com/cms/jp/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007278"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007278"
},
{
"db": "NVD",
"id": "CVE-2017-9647"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-208-01"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/100132"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9647"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9647"
},
{
"trust": 0.6,
"url": "http://securityaffairs.co/wordpress/61587/hacking/tcus-car-hacking.html"
},
{
"trust": 0.6,
"url": "https://media.defcon.org/def%20con%2025/def%20con%2025%20presentations/defcon-25-jesse-michael-and-mickey-shkatov-driving-down-the-rabbit-hole.pdf"
},
{
"trust": 0.3,
"url": "https://www.continental-corporation.com/en"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-18628"
},
{
"db": "BID",
"id": "100132"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007278"
},
{
"db": "NVD",
"id": "CVE-2017-9647"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-590"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "3280abc1-3145-4ff6-91eb-0a0d63a93b91"
},
{
"db": "CNVD",
"id": "CNVD-2017-18628"
},
{
"db": "BID",
"id": "100132"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007278"
},
{
"db": "NVD",
"id": "CVE-2017-9647"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-590"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-03T00:00:00",
"db": "IVD",
"id": "3280abc1-3145-4ff6-91eb-0a0d63a93b91"
},
{
"date": "2017-08-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-18628"
},
{
"date": "2017-08-04T00:00:00",
"db": "BID",
"id": "100132"
},
{
"date": "2017-09-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007278"
},
{
"date": "2017-08-07T08:29:00.480000",
"db": "NVD",
"id": "CVE-2017-9647"
},
{
"date": "2017-06-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201706-590"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-18628"
},
{
"date": "2017-08-04T00:00:00",
"db": "BID",
"id": "100132"
},
{
"date": "2017-09-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007278"
},
{
"date": "2019-10-09T23:30:45.957000",
"db": "NVD",
"id": "CVE-2017-9647"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201706-590"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201706-590"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Continental TCU Stack Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "3280abc1-3145-4ff6-91eb-0a0d63a93b91"
},
{
"db": "CNVD",
"id": "CNVD-2017-18628"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "3280abc1-3145-4ff6-91eb-0a0d63a93b91"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-590"
}
],
"trust": 0.8
}
}
VAR-201708-1418
Vulnerability from variot - Updated: 2023-12-18 13:02An Improper Restriction of Operations within the Bounds of a Memory Buffer issue was discovered in the Continental AG Infineon S-Gold 2 (PMB 8876) chipset on BMW several models produced between 2009-2010, Ford a limited number of P-HEV vehicles, Infiniti 2013 JX35, Infiniti 2014-2016 QX60, Infiniti 2014-2016 QX60 Hybrid, Infiniti 2014-2015 QX50, Infiniti 2014-2015 QX50 Hybrid, Infiniti 2013 M37/M56, Infiniti 2014-2016 Q70, Infiniti 2014-2016 Q70L, Infiniti 2015-2016 Q70 Hybrid, Infiniti 2013 QX56, Infiniti 2014-2016 QX 80, and Nissan 2011-2015 Leaf. A vulnerability in the temporary mobile subscriber identity (TMSI) may allow an attacker to access and control memory. This may allow remote code execution on the baseband radio processor of the TCU. BMW , Ford , Infiniti ,and Nissan On multiple models of Continental AG Infineon S-Gold 2 (PMB 8876) The chipset contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The TCU is a 2G modem commonly used in modern cars produced by Continental AG to transmit data between cars and remote management tools such as web panels and mobile applications. Continental AG Infineon S-Gold 2 (PMB 8876) is prone to a remote code-execution vulnerability and a stack-based buffer-overflow vulnerability; fixes are available. An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-1418",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "s-gold 2 pmb 8876",
"scope": "eq",
"trust": 1.6,
"vendor": "infineon",
"version": null
},
{
"model": "s-gold 2",
"scope": null,
"trust": 0.8,
"vendor": "infineon",
"version": null
},
{
"model": "leaf",
"scope": "eq",
"trust": 0.6,
"vendor": "nissan",
"version": "2011-2015"
},
{
"model": "jx3",
"scope": "eq",
"trust": 0.6,
"vendor": "infiniti",
"version": "2013"
},
{
"model": "qx60",
"scope": "eq",
"trust": 0.6,
"vendor": "infiniti",
"version": "2014-2016"
},
{
"model": "qx60 hybrid",
"scope": "eq",
"trust": 0.6,
"vendor": "infiniti",
"version": "2014-2016"
},
{
"model": "qx50",
"scope": "eq",
"trust": 0.6,
"vendor": "infiniti",
"version": "2014-2015"
},
{
"model": "qx50 hybrid",
"scope": "eq",
"trust": 0.6,
"vendor": "infiniti",
"version": "2014-2015"
},
{
"model": "m37/m56",
"scope": "eq",
"trust": 0.6,
"vendor": "infiniti",
"version": "2013"
},
{
"model": "q70",
"scope": "eq",
"trust": 0.6,
"vendor": "infiniti",
"version": "2014-2016"
},
{
"model": "q70l",
"scope": "eq",
"trust": 0.6,
"vendor": "infiniti",
"version": "2014-2016"
},
{
"model": "q70 hybrid",
"scope": "eq",
"trust": 0.6,
"vendor": "infiniti",
"version": "2015-2016"
},
{
"model": "qx56",
"scope": "eq",
"trust": 0.6,
"vendor": "infiniti",
"version": "2013"
},
{
"model": "qx",
"scope": "eq",
"trust": 0.6,
"vendor": "infiniti",
"version": "2014-201680"
},
{
"model": "produced between",
"scope": "eq",
"trust": 0.6,
"vendor": "bmw",
"version": "2009-2010"
},
{
"model": "p-hev",
"scope": null,
"trust": 0.6,
"vendor": "ford",
"version": null
},
{
"model": "ag nissan leaf",
"scope": "eq",
"trust": 0.3,
"vendor": "continental",
"version": "2011-20150"
},
{
"model": "ag infiniti q70 hybrid",
"scope": "eq",
"trust": 0.3,
"vendor": "continental",
"version": "2015-20160"
},
{
"model": "ag infiniti qx60 hybrid",
"scope": "eq",
"trust": 0.3,
"vendor": "continental",
"version": "2014-20160"
},
{
"model": "ag infiniti qx60",
"scope": "eq",
"trust": 0.3,
"vendor": "continental",
"version": "2014-20160"
},
{
"model": "ag infiniti qx",
"scope": "eq",
"trust": 0.3,
"vendor": "continental",
"version": "2014-2016800"
},
{
"model": "ag infiniti q70l",
"scope": "eq",
"trust": 0.3,
"vendor": "continental",
"version": "2014-20160"
},
{
"model": "ag infiniti q70",
"scope": "eq",
"trust": 0.3,
"vendor": "continental",
"version": "2014-20160"
},
{
"model": "ag infiniti qx50 hybrid",
"scope": "eq",
"trust": 0.3,
"vendor": "continental",
"version": "2014-20150"
},
{
"model": "ag infiniti qx50",
"scope": "eq",
"trust": 0.3,
"vendor": "continental",
"version": "2014-20150"
},
{
"model": "ag infiniti qx56",
"scope": "eq",
"trust": 0.3,
"vendor": "continental",
"version": "20130"
},
{
"model": "ag infiniti m37/m56",
"scope": "eq",
"trust": 0.3,
"vendor": "continental",
"version": "20130"
},
{
"model": "ag infiniti jx35",
"scope": "eq",
"trust": 0.3,
"vendor": "continental",
"version": "20130"
},
{
"model": "ag infineon s-gold (pmb",
"scope": "eq",
"trust": 0.3,
"vendor": "continental",
"version": "28876)0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "s gold 2 pmb 8876",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "e123af2d-e7c8-4ada-9bd8-bf07c0f405d8"
},
{
"db": "CNVD",
"id": "CNVD-2017-18627"
},
{
"db": "BID",
"id": "100132"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007277"
},
{
"db": "NVD",
"id": "CVE-2017-9633"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-875"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:infineon:s-gold_2_pmb_8876:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-9633"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mickey Shkatov, Jesse Michael, and Oleksandr Bazhaniuk",
"sources": [
{
"db": "BID",
"id": "100132"
}
],
"trust": 0.3
},
"cve": "CVE-2017-9633",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 8.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2017-9633",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-18627",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "e123af2d-e7c8-4ada-9bd8-bf07c0f405d8",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-9633",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-9633",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2017-18627",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201706-875",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "e123af2d-e7c8-4ada-9bd8-bf07c0f405d8",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e123af2d-e7c8-4ada-9bd8-bf07c0f405d8"
},
{
"db": "CNVD",
"id": "CNVD-2017-18627"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007277"
},
{
"db": "NVD",
"id": "CVE-2017-9633"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-875"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An Improper Restriction of Operations within the Bounds of a Memory Buffer issue was discovered in the Continental AG Infineon S-Gold 2 (PMB 8876) chipset on BMW several models produced between 2009-2010, Ford a limited number of P-HEV vehicles, Infiniti 2013 JX35, Infiniti 2014-2016 QX60, Infiniti 2014-2016 QX60 Hybrid, Infiniti 2014-2015 QX50, Infiniti 2014-2015 QX50 Hybrid, Infiniti 2013 M37/M56, Infiniti 2014-2016 Q70, Infiniti 2014-2016 Q70L, Infiniti 2015-2016 Q70 Hybrid, Infiniti 2013 QX56, Infiniti 2014-2016 QX 80, and Nissan 2011-2015 Leaf. A vulnerability in the temporary mobile subscriber identity (TMSI) may allow an attacker to access and control memory. This may allow remote code execution on the baseband radio processor of the TCU. BMW , Ford , Infiniti ,and Nissan On multiple models of Continental AG Infineon S-Gold 2 (PMB 8876) The chipset contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The TCU is a 2G modem commonly used in modern cars produced by Continental AG to transmit data between cars and remote management tools such as web panels and mobile applications. Continental AG Infineon S-Gold 2 (PMB 8876) is prone to a remote code-execution vulnerability and a stack-based buffer-overflow vulnerability; fixes are available. \nAn attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-9633"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007277"
},
{
"db": "CNVD",
"id": "CNVD-2017-18627"
},
{
"db": "BID",
"id": "100132"
},
{
"db": "IVD",
"id": "e123af2d-e7c8-4ada-9bd8-bf07c0f405d8"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-9633",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-17-208-01",
"trust": 3.3
},
{
"db": "BID",
"id": "100132",
"trust": 1.9
},
{
"db": "CNVD",
"id": "CNVD-2017-18627",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201706-875",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007277",
"trust": 0.8
},
{
"db": "IVD",
"id": "E123AF2D-E7C8-4ADA-9BD8-BF07C0F405D8",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e123af2d-e7c8-4ada-9bd8-bf07c0f405d8"
},
{
"db": "CNVD",
"id": "CNVD-2017-18627"
},
{
"db": "BID",
"id": "100132"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007277"
},
{
"db": "NVD",
"id": "CVE-2017-9633"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-875"
}
]
},
"id": "VAR-201708-1418",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e123af2d-e7c8-4ada-9bd8-bf07c0f405d8"
},
{
"db": "CNVD",
"id": "CNVD-2017-18627"
}
],
"trust": 1.8
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e123af2d-e7c8-4ada-9bd8-bf07c0f405d8"
},
{
"db": "CNVD",
"id": "CNVD-2017-18627"
}
]
},
"last_update_date": "2023-12-18T13:02:58.771000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
"trust": 0.8,
"url": "https://www.infineon.com/cms/jp/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007277"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007277"
},
{
"db": "NVD",
"id": "CVE-2017-9633"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-208-01"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/100132"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9633"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9633"
},
{
"trust": 0.6,
"url": "http://securityaffairs.co/wordpress/61587/hacking/tcus-car-hacking.html"
},
{
"trust": 0.6,
"url": "https://media.defcon.org/def%20con%2025/def%20con%2025%20presentations/defcon-25-jesse-michael-and-mickey-shkatov-driving-down-the-rabbit-hole.pdf"
},
{
"trust": 0.3,
"url": "https://www.continental-corporation.com/en"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-18627"
},
{
"db": "BID",
"id": "100132"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007277"
},
{
"db": "NVD",
"id": "CVE-2017-9633"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-875"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e123af2d-e7c8-4ada-9bd8-bf07c0f405d8"
},
{
"db": "CNVD",
"id": "CNVD-2017-18627"
},
{
"db": "BID",
"id": "100132"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007277"
},
{
"db": "NVD",
"id": "CVE-2017-9633"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-875"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-03T00:00:00",
"db": "IVD",
"id": "e123af2d-e7c8-4ada-9bd8-bf07c0f405d8"
},
{
"date": "2017-08-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-18627"
},
{
"date": "2017-08-04T00:00:00",
"db": "BID",
"id": "100132"
},
{
"date": "2017-09-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007277"
},
{
"date": "2017-08-07T08:29:00.447000",
"db": "NVD",
"id": "CVE-2017-9633"
},
{
"date": "2017-06-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201706-875"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-18627"
},
{
"date": "2017-08-04T00:00:00",
"db": "BID",
"id": "100132"
},
{
"date": "2017-09-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007277"
},
{
"date": "2019-10-09T23:30:44.360000",
"db": "NVD",
"id": "CVE-2017-9633"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201706-875"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201706-875"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Continental TCU Remote code execution vulnerability",
"sources": [
{
"db": "IVD",
"id": "e123af2d-e7c8-4ada-9bd8-bf07c0f405d8"
},
{
"db": "CNVD",
"id": "CNVD-2017-18627"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "e123af2d-e7c8-4ada-9bd8-bf07c0f405d8"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-875"
}
],
"trust": 0.8
}
}
VAR-201805-1015
Vulnerability from variot - Updated: 2023-12-18 12:01The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows local attacks involving the USB or OBD-II interface. An attacker can bypass the code-signing protection mechanism for firmware updates, and consequently obtain a root shell. plural BMW In the series Head Unit HU_NBT ( alias Infotainment) The component contains a vulnerability related to failure of the protection mechanism.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. HeadUnitHU_NBT (Infotainment) component is a system of infotainment systems. There are security holes in the HeadUnitHU_NBT component on several BMW cars (cars produced in 2012-2018). BMW Infotainment System Telematics/Control Unit/Central Gateway Module are prone to the following multiple security vulnerabilities: 1. A local code-execution vulnerability 2. A security-bypass vulnerability 3. A denial-of-service vulnerability 4. Multiple remote code-execution vulnerabilities An attacker can leverage these issues to execute arbitrary code with root privileges, bypass certain security restrictions, perform unauthorized actions, or gain sensitive information within the context of the affected system. Failed exploit attempts will likely result in denial of service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201805-1015",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "head unit hu nbt",
"scope": "eq",
"trust": 1.6,
"vendor": "bmw",
"version": null
},
{
"model": "head unit hu nbt",
"scope": null,
"trust": 0.8,
"vendor": "bmw",
"version": null
},
{
"model": "motoren werke ag bmw i series",
"scope": "gte",
"trust": 0.6,
"vendor": "bayerische",
"version": "2012,\u003c=2018"
},
{
"model": "motoren werke ag bmw series",
"scope": "eq",
"trust": 0.6,
"vendor": "bayerische",
"version": "x\u003e=2012,\u003c=2018"
},
{
"model": "motoren werke ag bmw series",
"scope": "eq",
"trust": 0.6,
"vendor": "bayerische",
"version": "3\u003e=2012,\u003c=2018"
},
{
"model": "motoren werke ag bmw series",
"scope": "eq",
"trust": 0.6,
"vendor": "bayerische",
"version": "5\u003e=2012,\u003c=2018"
},
{
"model": "motoren werke ag bmw series",
"scope": "eq",
"trust": 0.6,
"vendor": "bayerische",
"version": "7\u003e=2012,\u003c=2018"
},
{
"model": "infotainment system telematics",
"scope": "eq",
"trust": 0.3,
"vendor": "bmw",
"version": "0"
},
{
"model": "control unit",
"scope": "eq",
"trust": 0.3,
"vendor": "bmw",
"version": "0"
},
{
"model": "central gateway module",
"scope": "eq",
"trust": 0.3,
"vendor": "bmw",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11310"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005491"
},
{
"db": "NVD",
"id": "CVE-2018-9322"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1153"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:bmw:head_unit_hu_nbt_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:bmw:head_unit_hu_nbt:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-9322"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Keen Security Lab and Tencent.",
"sources": [
{
"db": "BID",
"id": "104258"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1153"
}
],
"trust": 0.9
},
"cve": "CVE-2018-9322",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-9322",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2018-11310",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-139354",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-9322",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-9322",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-11310",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-1153",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-139354",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-9322",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11310"
},
{
"db": "VULHUB",
"id": "VHN-139354"
},
{
"db": "VULMON",
"id": "CVE-2018-9322"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005491"
},
{
"db": "NVD",
"id": "CVE-2018-9322"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1153"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows local attacks involving the USB or OBD-II interface. An attacker can bypass the code-signing protection mechanism for firmware updates, and consequently obtain a root shell. plural BMW In the series Head Unit HU_NBT ( alias Infotainment) The component contains a vulnerability related to failure of the protection mechanism.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. HeadUnitHU_NBT (Infotainment) component is a system of infotainment systems. There are security holes in the HeadUnitHU_NBT component on several BMW cars (cars produced in 2012-2018). BMW Infotainment System Telematics/Control Unit/Central Gateway Module are prone to the following multiple security vulnerabilities:\n1. A local code-execution vulnerability\n2. A security-bypass vulnerability\n3. A denial-of-service vulnerability\n4. Multiple remote code-execution vulnerabilities\nAn attacker can leverage these issues to execute arbitrary code with root privileges, bypass certain security restrictions, perform unauthorized actions, or gain sensitive information within the context of the affected system. Failed exploit attempts will likely result in denial of service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-9322"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005491"
},
{
"db": "CNVD",
"id": "CNVD-2018-11310"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "VULHUB",
"id": "VHN-139354"
},
{
"db": "VULMON",
"id": "CVE-2018-9322"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-9322",
"trust": 3.5
},
{
"db": "BID",
"id": "104258",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005491",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1153",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-11310",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-139354",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-9322",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11310"
},
{
"db": "VULHUB",
"id": "VHN-139354"
},
{
"db": "VULMON",
"id": "CVE-2018-9322"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005491"
},
{
"db": "NVD",
"id": "CVE-2018-9322"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1153"
}
]
},
"id": "VAR-201805-1015",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11310"
},
{
"db": "VULHUB",
"id": "VHN-139354"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11310"
}
]
},
"last_update_date": "2023-12-18T12:01:56.478000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.bmw.com/en/index.html"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2018/05/23/bmw_security_bugs/"
},
{
"title": "usb-device-security",
"trust": 0.1,
"url": "https://github.com/parallelbeings/usb-device-security "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-9322"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005491"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-693",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-139354"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005491"
},
{
"db": "NVD",
"id": "CVE-2018-9322"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.theregister.co.uk/2018/05/23/bmw_security_bugs/"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/104258"
},
{
"trust": 2.1,
"url": "https://keenlab.tencent.com/en/experimental_security_assessment_of_bmw_cars_by_keenlab.pdf"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-9322"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-9322"
},
{
"trust": 0.3,
"url": "https://www.bmw.com/en/index.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/693.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/parallelbeings/usb-device-security"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11310"
},
{
"db": "VULHUB",
"id": "VHN-139354"
},
{
"db": "VULMON",
"id": "CVE-2018-9322"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005491"
},
{
"db": "NVD",
"id": "CVE-2018-9322"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1153"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-11310"
},
{
"db": "VULHUB",
"id": "VHN-139354"
},
{
"db": "VULMON",
"id": "CVE-2018-9322"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005491"
},
{
"db": "NVD",
"id": "CVE-2018-9322"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1153"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-11310"
},
{
"date": "2018-05-31T00:00:00",
"db": "VULHUB",
"id": "VHN-139354"
},
{
"date": "2018-05-31T00:00:00",
"db": "VULMON",
"id": "CVE-2018-9322"
},
{
"date": "2018-05-22T00:00:00",
"db": "BID",
"id": "104258"
},
{
"date": "2018-07-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005491"
},
{
"date": "2018-05-31T12:29:00.580000",
"db": "NVD",
"id": "CVE-2018-9322"
},
{
"date": "2018-06-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-1153"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-11310"
},
{
"date": "2018-06-29T00:00:00",
"db": "VULHUB",
"id": "VHN-139354"
},
{
"date": "2018-06-29T00:00:00",
"db": "VULMON",
"id": "CVE-2018-9322"
},
{
"date": "2018-05-22T00:00:00",
"db": "BID",
"id": "104258"
},
{
"date": "2018-07-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005491"
},
{
"date": "2018-06-29T18:53:51.157000",
"db": "NVD",
"id": "CVE-2018-9322"
},
{
"date": "2018-06-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-1153"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-1153"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural BMW In the series Head Unit HU_NBT Vulnerabilities related to failure of protection mechanisms in components",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005491"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-1153"
}
],
"trust": 0.6
}
}
VAR-201805-1011
Vulnerability from variot - Updated: 2023-12-18 12:01The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows a remote attack via Bluetooth when in pairing mode, leading to a Head Unit reboot. plural BMW In the series Head Unit HU_NBT ( alias Infotainment) The component contains a vulnerability related to failure of the protection mechanism.Service operation interruption (DoS) There is a possibility of being put into a state. HeadUnitHU_NBT (Infotainment) component is a system of infotainment systems. There are security holes in the HeadUnitHU_NBT component on several BMW cars (cars produced in 2012-2018). A remote attacker can use this vulnerability to cause HeadUnit to restart with Bluetooth. BMW Infotainment System Telematics/Control Unit/Central Gateway Module are prone to the following multiple security vulnerabilities: 1. A local code-execution vulnerability 2. A security-bypass vulnerability 3. A denial-of-service vulnerability 4. Multiple remote code-execution vulnerabilities An attacker can leverage these issues to execute arbitrary code with root privileges, bypass certain security restrictions, perform unauthorized actions, or gain sensitive information within the context of the affected system. Failed exploit attempts will likely result in denial of service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201805-1011",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "head unit hu nbt",
"scope": "eq",
"trust": 1.6,
"vendor": "bmw",
"version": null
},
{
"model": "head unit hu nbt",
"scope": null,
"trust": 0.8,
"vendor": "bmw",
"version": null
},
{
"model": "motoren werke ag bmw i series",
"scope": "gte",
"trust": 0.6,
"vendor": "bayerische",
"version": "2012,\u003c=2018"
},
{
"model": "motoren werke ag bmw series",
"scope": "eq",
"trust": 0.6,
"vendor": "bayerische",
"version": "x\u003e=2012,\u003c=2018"
},
{
"model": "motoren werke ag bmw series",
"scope": "eq",
"trust": 0.6,
"vendor": "bayerische",
"version": "3\u003e=2012,\u003c=2018"
},
{
"model": "motoren werke ag bmw series",
"scope": "eq",
"trust": 0.6,
"vendor": "bayerische",
"version": "5\u003e=2012,\u003c=2018"
},
{
"model": "motoren werke ag bmw series",
"scope": "eq",
"trust": 0.6,
"vendor": "bayerische",
"version": "7\u003e=2012,\u003c=2018"
},
{
"model": "infotainment system telematics",
"scope": "eq",
"trust": 0.3,
"vendor": "bmw",
"version": "0"
},
{
"model": "control unit",
"scope": "eq",
"trust": 0.3,
"vendor": "bmw",
"version": "0"
},
{
"model": "central gateway module",
"scope": "eq",
"trust": 0.3,
"vendor": "bmw",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11272"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005487"
},
{
"db": "NVD",
"id": "CVE-2018-9313"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1156"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:bmw:head_unit_hu_nbt_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:bmw:head_unit_hu_nbt:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-9313"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Keen Security Lab and Tencent.",
"sources": [
{
"db": "BID",
"id": "104258"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1156"
}
],
"trust": 0.9
},
"cve": "CVE-2018-9313",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 5.7,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 5.7,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-9313",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-11272",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 5.7,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"id": "VHN-139345",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:M/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-9313",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-9313",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2018-11272",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-1156",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-139345",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-9313",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11272"
},
{
"db": "VULHUB",
"id": "VHN-139345"
},
{
"db": "VULMON",
"id": "CVE-2018-9313"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005487"
},
{
"db": "NVD",
"id": "CVE-2018-9313"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1156"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows a remote attack via Bluetooth when in pairing mode, leading to a Head Unit reboot. plural BMW In the series Head Unit HU_NBT ( alias Infotainment) The component contains a vulnerability related to failure of the protection mechanism.Service operation interruption (DoS) There is a possibility of being put into a state. HeadUnitHU_NBT (Infotainment) component is a system of infotainment systems. There are security holes in the HeadUnitHU_NBT component on several BMW cars (cars produced in 2012-2018). A remote attacker can use this vulnerability to cause HeadUnit to restart with Bluetooth. BMW Infotainment System Telematics/Control Unit/Central Gateway Module are prone to the following multiple security vulnerabilities:\n1. A local code-execution vulnerability\n2. A security-bypass vulnerability\n3. A denial-of-service vulnerability\n4. Multiple remote code-execution vulnerabilities\nAn attacker can leverage these issues to execute arbitrary code with root privileges, bypass certain security restrictions, perform unauthorized actions, or gain sensitive information within the context of the affected system. Failed exploit attempts will likely result in denial of service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-9313"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005487"
},
{
"db": "CNVD",
"id": "CNVD-2018-11272"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "VULHUB",
"id": "VHN-139345"
},
{
"db": "VULMON",
"id": "CVE-2018-9313"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-9313",
"trust": 3.5
},
{
"db": "BID",
"id": "104258",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005487",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1156",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-11272",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-139345",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-9313",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11272"
},
{
"db": "VULHUB",
"id": "VHN-139345"
},
{
"db": "VULMON",
"id": "CVE-2018-9313"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005487"
},
{
"db": "NVD",
"id": "CVE-2018-9313"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1156"
}
]
},
"id": "VAR-201805-1011",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11272"
},
{
"db": "VULHUB",
"id": "VHN-139345"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11272"
}
]
},
"last_update_date": "2023-12-18T12:01:56.443000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.bmw.com/en/index.html"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2018/05/23/bmw_security_bugs/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-9313"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005487"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-693",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-139345"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005487"
},
{
"db": "NVD",
"id": "CVE-2018-9313"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://www.theregister.co.uk/2018/05/23/bmw_security_bugs/"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/104258"
},
{
"trust": 2.1,
"url": "https://keenlab.tencent.com/en/experimental_security_assessment_of_bmw_cars_by_keenlab.pdf"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-9313"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-9313"
},
{
"trust": 0.3,
"url": "https://www.bmw.com/en/index.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/693.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11272"
},
{
"db": "VULHUB",
"id": "VHN-139345"
},
{
"db": "VULMON",
"id": "CVE-2018-9313"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005487"
},
{
"db": "NVD",
"id": "CVE-2018-9313"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1156"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-11272"
},
{
"db": "VULHUB",
"id": "VHN-139345"
},
{
"db": "VULMON",
"id": "CVE-2018-9313"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005487"
},
{
"db": "NVD",
"id": "CVE-2018-9313"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1156"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-11272"
},
{
"date": "2018-05-31T00:00:00",
"db": "VULHUB",
"id": "VHN-139345"
},
{
"date": "2018-05-31T00:00:00",
"db": "VULMON",
"id": "CVE-2018-9313"
},
{
"date": "2018-05-22T00:00:00",
"db": "BID",
"id": "104258"
},
{
"date": "2018-07-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005487"
},
{
"date": "2018-05-31T12:29:00.393000",
"db": "NVD",
"id": "CVE-2018-9313"
},
{
"date": "2018-06-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-1156"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-11272"
},
{
"date": "2018-06-29T00:00:00",
"db": "VULHUB",
"id": "VHN-139345"
},
{
"date": "2018-06-29T00:00:00",
"db": "VULMON",
"id": "CVE-2018-9313"
},
{
"date": "2018-05-22T00:00:00",
"db": "BID",
"id": "104258"
},
{
"date": "2018-07-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005487"
},
{
"date": "2018-06-29T18:51:03.993000",
"db": "NVD",
"id": "CVE-2018-9313"
},
{
"date": "2018-06-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-1156"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-1156"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural BMW In the series Head Unit HU_NBT Vulnerabilities related to failure of protection mechanisms in components",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005487"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-1156"
}
],
"trust": 0.6
}
}
VAR-201805-1009
Vulnerability from variot - Updated: 2023-12-18 12:01The Telematics Control Unit (aka Telematic Communication Box or TCB), when present on BMW vehicles produced in 2012 through 2018, allows a remote attack via a cellular network. BMWvehicles and others are automotive products of the German BMW (BayerischeMotorenWerkeAG) company. There is a security hole in the TelematicsControlUnit in BMW cars (cars produced in 2012-2018). An attacker can exploit a vulnerability for a ranged attack. BMW Infotainment System Telematics/Control Unit/Central Gateway Module are prone to the following multiple security vulnerabilities: 1. A local code-execution vulnerability 2. A security-bypass vulnerability 3. A denial-of-service vulnerability 4. Multiple remote code-execution vulnerabilities An attacker can leverage these issues to execute arbitrary code with root privileges, bypass certain security restrictions, perform unauthorized actions, or gain sensitive information within the context of the affected system. Failed exploit attempts will likely result in denial of service conditions. BMW vehicles, etc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201805-1009",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "telematics control unit",
"scope": "eq",
"trust": 1.6,
"vendor": "bmw",
"version": null
},
{
"model": "telematics control unit",
"scope": null,
"trust": 0.8,
"vendor": "bmw",
"version": null
},
{
"model": "motoren werke ag infotainment system telematics",
"scope": null,
"trust": 0.6,
"vendor": "bayerische",
"version": null
},
{
"model": "motoren werke ag control unit",
"scope": null,
"trust": 0.6,
"vendor": "bayerische",
"version": null
},
{
"model": "motoren werke ag central gateway module",
"scope": null,
"trust": 0.6,
"vendor": "bayerische",
"version": null
},
{
"model": "infotainment system telematics",
"scope": "eq",
"trust": 0.3,
"vendor": "bmw",
"version": "0"
},
{
"model": "control unit",
"scope": "eq",
"trust": 0.3,
"vendor": "bmw",
"version": "0"
},
{
"model": "central gateway module",
"scope": "eq",
"trust": 0.3,
"vendor": "bmw",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11274"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005492"
},
{
"db": "NVD",
"id": "CVE-2018-9311"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1158"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:bmw:telematics_control_unit_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:bmw:telematics_control_unit:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-9311"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Keen Security Lab and Tencent.",
"sources": [
{
"db": "BID",
"id": "104258"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1158"
}
],
"trust": 0.9
},
"cve": "CVE-2018-9311",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-9311",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-11274",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-139343",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-9311",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-9311",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-11274",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-1158",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-139343",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-9311",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11274"
},
{
"db": "VULHUB",
"id": "VHN-139343"
},
{
"db": "VULMON",
"id": "CVE-2018-9311"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005492"
},
{
"db": "NVD",
"id": "CVE-2018-9311"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1158"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Telematics Control Unit (aka Telematic Communication Box or TCB), when present on BMW vehicles produced in 2012 through 2018, allows a remote attack via a cellular network. BMWvehicles and others are automotive products of the German BMW (BayerischeMotorenWerkeAG) company. There is a security hole in the TelematicsControlUnit in BMW cars (cars produced in 2012-2018). An attacker can exploit a vulnerability for a ranged attack. BMW Infotainment System Telematics/Control Unit/Central Gateway Module are prone to the following multiple security vulnerabilities:\n1. A local code-execution vulnerability\n2. A security-bypass vulnerability\n3. A denial-of-service vulnerability\n4. Multiple remote code-execution vulnerabilities\nAn attacker can leverage these issues to execute arbitrary code with root privileges, bypass certain security restrictions, perform unauthorized actions, or gain sensitive information within the context of the affected system. Failed exploit attempts will likely result in denial of service conditions. BMW vehicles, etc",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-9311"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005492"
},
{
"db": "CNVD",
"id": "CNVD-2018-11274"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "VULHUB",
"id": "VHN-139343"
},
{
"db": "VULMON",
"id": "CVE-2018-9311"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "104258",
"trust": 3.5
},
{
"db": "NVD",
"id": "CVE-2018-9311",
"trust": 3.5
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005492",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1158",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-11274",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-139343",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-9311",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11274"
},
{
"db": "VULHUB",
"id": "VHN-139343"
},
{
"db": "VULMON",
"id": "CVE-2018-9311"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005492"
},
{
"db": "NVD",
"id": "CVE-2018-9311"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1158"
}
]
},
"id": "VAR-201805-1009",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11274"
},
{
"db": "VULHUB",
"id": "VHN-139343"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11274"
}
]
},
"last_update_date": "2023-12-18T12:01:56.404000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.bmw.com/en/index.html"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2018/05/23/bmw_security_bugs/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-9311"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005492"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-693",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-139343"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005492"
},
{
"db": "NVD",
"id": "CVE-2018-9311"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://www.securityfocus.com/bid/104258"
},
{
"trust": 2.9,
"url": "https://keenlab.tencent.com/en/experimental_security_assessment_of_bmw_cars_by_keenlab.pdf"
},
{
"trust": 1.9,
"url": "https://www.theregister.co.uk/2018/05/23/bmw_security_bugs/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-9311"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-9311"
},
{
"trust": 0.3,
"url": "https://www.bmw.com/en/index.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/693.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11274"
},
{
"db": "VULHUB",
"id": "VHN-139343"
},
{
"db": "VULMON",
"id": "CVE-2018-9311"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005492"
},
{
"db": "NVD",
"id": "CVE-2018-9311"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1158"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-11274"
},
{
"db": "VULHUB",
"id": "VHN-139343"
},
{
"db": "VULMON",
"id": "CVE-2018-9311"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005492"
},
{
"db": "NVD",
"id": "CVE-2018-9311"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1158"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-11274"
},
{
"date": "2018-05-31T00:00:00",
"db": "VULHUB",
"id": "VHN-139343"
},
{
"date": "2018-05-31T00:00:00",
"db": "VULMON",
"id": "CVE-2018-9311"
},
{
"date": "2018-05-22T00:00:00",
"db": "BID",
"id": "104258"
},
{
"date": "2018-07-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005492"
},
{
"date": "2018-05-31T12:29:00.283000",
"db": "NVD",
"id": "CVE-2018-9311"
},
{
"date": "2018-06-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-1158"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-11274"
},
{
"date": "2018-06-29T00:00:00",
"db": "VULHUB",
"id": "VHN-139343"
},
{
"date": "2018-06-29T00:00:00",
"db": "VULMON",
"id": "CVE-2018-9311"
},
{
"date": "2018-05-22T00:00:00",
"db": "BID",
"id": "104258"
},
{
"date": "2018-07-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005492"
},
{
"date": "2018-06-29T18:03:20.083000",
"db": "NVD",
"id": "CVE-2018-9311"
},
{
"date": "2020-07-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-1158"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-1158"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Telematics Control Unit Vulnerability in protection mechanism",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005492"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-1158"
}
],
"trust": 0.6
}
}
VAR-201805-1012
Vulnerability from variot - Updated: 2023-12-18 12:01The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows an attack by an attacker who has direct physical access. plural BMW In the series Head Unit HU_NBT ( alias Infotainment) The component contains a vulnerability related to failure of the protection mechanism.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. HeadUnitHU_NBT (Infotainment) component is a system of infotainment systems. There are security holes in the HeadUnitHU_NBT component on several BMW cars (cars produced in 2012-2018). There are currently no detailed vulnerability descriptions. BMW Infotainment System Telematics/Control Unit/Central Gateway Module are prone to the following multiple security vulnerabilities: 1. A local code-execution vulnerability 2. A security-bypass vulnerability 3. A denial-of-service vulnerability 4. Multiple remote code-execution vulnerabilities An attacker can leverage these issues to execute arbitrary code with root privileges, bypass certain security restrictions, perform unauthorized actions, or gain sensitive information within the context of the affected system. Failed exploit attempts will likely result in denial of service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201805-1012",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "head unit hu nbt",
"scope": "eq",
"trust": 1.6,
"vendor": "bmw",
"version": null
},
{
"model": "head unit hu nbt",
"scope": null,
"trust": 0.8,
"vendor": "bmw",
"version": null
},
{
"model": "motoren werke ag bmw i series",
"scope": "gte",
"trust": 0.6,
"vendor": "bayerische",
"version": "2012,\u003c=2018"
},
{
"model": "motoren werke ag bmw series",
"scope": "eq",
"trust": 0.6,
"vendor": "bayerische",
"version": "x\u003e=2012,\u003c=2018"
},
{
"model": "motoren werke ag bmw series",
"scope": "eq",
"trust": 0.6,
"vendor": "bayerische",
"version": "3\u003e=2012,\u003c=2018"
},
{
"model": "motoren werke ag bmw series",
"scope": "eq",
"trust": 0.6,
"vendor": "bayerische",
"version": "5\u003e=2012,\u003c=2018"
},
{
"model": "motoren werke ag bmw series",
"scope": "eq",
"trust": 0.6,
"vendor": "bayerische",
"version": "7\u003e=2012,\u003c=2018"
},
{
"model": "infotainment system telematics",
"scope": "eq",
"trust": 0.3,
"vendor": "bmw",
"version": "0"
},
{
"model": "control unit",
"scope": "eq",
"trust": 0.3,
"vendor": "bmw",
"version": "0"
},
{
"model": "central gateway module",
"scope": "eq",
"trust": 0.3,
"vendor": "bmw",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11273"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005488"
},
{
"db": "NVD",
"id": "CVE-2018-9314"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1157"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:bmw:head_unit_hu_nbt_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:bmw:head_unit_hu_nbt:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-9314"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Keen Security Lab and Tencent.",
"sources": [
{
"db": "BID",
"id": "104258"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1157"
}
],
"trust": 0.9
},
"cve": "CVE-2018-9314",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-9314",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-11273",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-139346",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-9314",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-9314",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2018-11273",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-1157",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-139346",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-9314",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11273"
},
{
"db": "VULHUB",
"id": "VHN-139346"
},
{
"db": "VULMON",
"id": "CVE-2018-9314"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005488"
},
{
"db": "NVD",
"id": "CVE-2018-9314"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1157"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows an attack by an attacker who has direct physical access. plural BMW In the series Head Unit HU_NBT ( alias Infotainment) The component contains a vulnerability related to failure of the protection mechanism.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. HeadUnitHU_NBT (Infotainment) component is a system of infotainment systems. There are security holes in the HeadUnitHU_NBT component on several BMW cars (cars produced in 2012-2018). There are currently no detailed vulnerability descriptions. BMW Infotainment System Telematics/Control Unit/Central Gateway Module are prone to the following multiple security vulnerabilities:\n1. A local code-execution vulnerability\n2. A security-bypass vulnerability\n3. A denial-of-service vulnerability\n4. Multiple remote code-execution vulnerabilities\nAn attacker can leverage these issues to execute arbitrary code with root privileges, bypass certain security restrictions, perform unauthorized actions, or gain sensitive information within the context of the affected system. Failed exploit attempts will likely result in denial of service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-9314"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005488"
},
{
"db": "CNVD",
"id": "CNVD-2018-11273"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "VULHUB",
"id": "VHN-139346"
},
{
"db": "VULMON",
"id": "CVE-2018-9314"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-9314",
"trust": 3.5
},
{
"db": "BID",
"id": "104258",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005488",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1157",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-11273",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-139346",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-9314",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11273"
},
{
"db": "VULHUB",
"id": "VHN-139346"
},
{
"db": "VULMON",
"id": "CVE-2018-9314"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005488"
},
{
"db": "NVD",
"id": "CVE-2018-9314"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1157"
}
]
},
"id": "VAR-201805-1012",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11273"
},
{
"db": "VULHUB",
"id": "VHN-139346"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11273"
}
]
},
"last_update_date": "2023-12-18T12:01:56.367000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.bmw.com/en/index.html"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2018/05/23/bmw_security_bugs/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-9314"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005488"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-693",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-139346"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005488"
},
{
"db": "NVD",
"id": "CVE-2018-9314"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.theregister.co.uk/2018/05/23/bmw_security_bugs/"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/104258"
},
{
"trust": 2.1,
"url": "https://keenlab.tencent.com/en/experimental_security_assessment_of_bmw_cars_by_keenlab.pdf"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-9314"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-9314"
},
{
"trust": 0.3,
"url": "https://www.bmw.com/en/index.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/693.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144331"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11273"
},
{
"db": "VULHUB",
"id": "VHN-139346"
},
{
"db": "VULMON",
"id": "CVE-2018-9314"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005488"
},
{
"db": "NVD",
"id": "CVE-2018-9314"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1157"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-11273"
},
{
"db": "VULHUB",
"id": "VHN-139346"
},
{
"db": "VULMON",
"id": "CVE-2018-9314"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005488"
},
{
"db": "NVD",
"id": "CVE-2018-9314"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1157"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-11273"
},
{
"date": "2018-05-31T00:00:00",
"db": "VULHUB",
"id": "VHN-139346"
},
{
"date": "2018-05-31T00:00:00",
"db": "VULMON",
"id": "CVE-2018-9314"
},
{
"date": "2018-05-22T00:00:00",
"db": "BID",
"id": "104258"
},
{
"date": "2018-07-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005488"
},
{
"date": "2018-05-31T12:29:00.440000",
"db": "NVD",
"id": "CVE-2018-9314"
},
{
"date": "2018-06-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-1157"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-11273"
},
{
"date": "2018-06-29T00:00:00",
"db": "VULHUB",
"id": "VHN-139346"
},
{
"date": "2018-06-29T00:00:00",
"db": "VULMON",
"id": "CVE-2018-9314"
},
{
"date": "2018-05-22T00:00:00",
"db": "BID",
"id": "104258"
},
{
"date": "2018-07-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005488"
},
{
"date": "2018-06-29T18:04:29.210000",
"db": "NVD",
"id": "CVE-2018-9314"
},
{
"date": "2020-07-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-1157"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-1157"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural BMW In the series Head Unit HU_NBT Vulnerabilities related to failure of protection mechanisms in components",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005488"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-1157"
}
],
"trust": 0.6
}
}
VAR-201805-1014
Vulnerability from variot - Updated: 2023-12-18 12:01The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows a local attack when a USB device is plugged in. plural BMW In the series Head Unit HU_NBT ( alias Infotainment) The component contains a vulnerability related to failure of the protection mechanism.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. HeadUnitHU_NBT (Infotainment) component is a system of infotainment systems. There are security holes in the HeadUnitHU_NBT component on several BMW cars (cars produced in 2012-2018). There are currently no detailed vulnerability descriptions. BMW Infotainment System Telematics/Control Unit/Central Gateway Module are prone to the following multiple security vulnerabilities: 1. A local code-execution vulnerability 2. A security-bypass vulnerability 3. A denial-of-service vulnerability 4. Multiple remote code-execution vulnerabilities An attacker can leverage these issues to execute arbitrary code with root privileges, bypass certain security restrictions, perform unauthorized actions, or gain sensitive information within the context of the affected system. Failed exploit attempts will likely result in denial of service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201805-1014",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "head unit hu nbt",
"scope": "eq",
"trust": 1.6,
"vendor": "bmw",
"version": null
},
{
"model": "head unit hu nbt",
"scope": null,
"trust": 0.8,
"vendor": "bmw",
"version": null
},
{
"model": "motoren werke ag bmw i series",
"scope": "gte",
"trust": 0.6,
"vendor": "bayerische",
"version": "2012,\u003c=2018"
},
{
"model": "motoren werke ag bmw series",
"scope": "eq",
"trust": 0.6,
"vendor": "bayerische",
"version": "x\u003e=2012,\u003c=2018"
},
{
"model": "motoren werke ag bmw series",
"scope": "eq",
"trust": 0.6,
"vendor": "bayerische",
"version": "3\u003e=2012,\u003c=2018"
},
{
"model": "motoren werke ag bmw series",
"scope": "eq",
"trust": 0.6,
"vendor": "bayerische",
"version": "5\u003e=2012,\u003c=2018"
},
{
"model": "motoren werke ag bmw series",
"scope": "eq",
"trust": 0.6,
"vendor": "bayerische",
"version": "7\u003e=2012,\u003c=2018"
},
{
"model": "infotainment system telematics",
"scope": "eq",
"trust": 0.3,
"vendor": "bmw",
"version": "0"
},
{
"model": "control unit",
"scope": "eq",
"trust": 0.3,
"vendor": "bmw",
"version": "0"
},
{
"model": "central gateway module",
"scope": "eq",
"trust": 0.3,
"vendor": "bmw",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11270"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005490"
},
{
"db": "NVD",
"id": "CVE-2018-9320"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1154"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:bmw:head_unit_hu_nbt_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:bmw:head_unit_hu_nbt:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-9320"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Keen Security Lab and Tencent.",
"sources": [
{
"db": "BID",
"id": "104258"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1154"
}
],
"trust": 0.9
},
"cve": "CVE-2018-9320",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-9320",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-11270",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-139352",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-9320",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-9320",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-11270",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-1154",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-139352",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-9320",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11270"
},
{
"db": "VULHUB",
"id": "VHN-139352"
},
{
"db": "VULMON",
"id": "CVE-2018-9320"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005490"
},
{
"db": "NVD",
"id": "CVE-2018-9320"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1154"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows a local attack when a USB device is plugged in. plural BMW In the series Head Unit HU_NBT ( alias Infotainment) The component contains a vulnerability related to failure of the protection mechanism.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. HeadUnitHU_NBT (Infotainment) component is a system of infotainment systems. There are security holes in the HeadUnitHU_NBT component on several BMW cars (cars produced in 2012-2018). There are currently no detailed vulnerability descriptions. BMW Infotainment System Telematics/Control Unit/Central Gateway Module are prone to the following multiple security vulnerabilities:\n1. A local code-execution vulnerability\n2. A security-bypass vulnerability\n3. A denial-of-service vulnerability\n4. Multiple remote code-execution vulnerabilities\nAn attacker can leverage these issues to execute arbitrary code with root privileges, bypass certain security restrictions, perform unauthorized actions, or gain sensitive information within the context of the affected system. Failed exploit attempts will likely result in denial of service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-9320"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005490"
},
{
"db": "CNVD",
"id": "CNVD-2018-11270"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "VULHUB",
"id": "VHN-139352"
},
{
"db": "VULMON",
"id": "CVE-2018-9320"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-9320",
"trust": 3.5
},
{
"db": "BID",
"id": "104258",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005490",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1154",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-11270",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-139352",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-9320",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11270"
},
{
"db": "VULHUB",
"id": "VHN-139352"
},
{
"db": "VULMON",
"id": "CVE-2018-9320"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005490"
},
{
"db": "NVD",
"id": "CVE-2018-9320"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1154"
}
]
},
"id": "VAR-201805-1014",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11270"
},
{
"db": "VULHUB",
"id": "VHN-139352"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11270"
}
]
},
"last_update_date": "2023-12-18T12:01:56.332000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.bmw.com/en/index.html"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2018/05/23/bmw_security_bugs/"
},
{
"title": "usb-device-security",
"trust": 0.1,
"url": "https://github.com/parallelbeings/usb-device-security "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-9320"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005490"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-693",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-139352"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005490"
},
{
"db": "NVD",
"id": "CVE-2018-9320"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.theregister.co.uk/2018/05/23/bmw_security_bugs/"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/104258"
},
{
"trust": 2.1,
"url": "https://keenlab.tencent.com/en/experimental_security_assessment_of_bmw_cars_by_keenlab.pdf"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-9320"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-9320"
},
{
"trust": 0.3,
"url": "https://www.bmw.com/en/index.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/693.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/parallelbeings/usb-device-security"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11270"
},
{
"db": "VULHUB",
"id": "VHN-139352"
},
{
"db": "VULMON",
"id": "CVE-2018-9320"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005490"
},
{
"db": "NVD",
"id": "CVE-2018-9320"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1154"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-11270"
},
{
"db": "VULHUB",
"id": "VHN-139352"
},
{
"db": "VULMON",
"id": "CVE-2018-9320"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005490"
},
{
"db": "NVD",
"id": "CVE-2018-9320"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1154"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-11270"
},
{
"date": "2018-05-31T00:00:00",
"db": "VULHUB",
"id": "VHN-139352"
},
{
"date": "2018-05-31T00:00:00",
"db": "VULMON",
"id": "CVE-2018-9320"
},
{
"date": "2018-05-22T00:00:00",
"db": "BID",
"id": "104258"
},
{
"date": "2018-07-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005490"
},
{
"date": "2018-05-31T12:29:00.517000",
"db": "NVD",
"id": "CVE-2018-9320"
},
{
"date": "2018-06-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-1154"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-11270"
},
{
"date": "2018-06-29T00:00:00",
"db": "VULHUB",
"id": "VHN-139352"
},
{
"date": "2018-06-29T00:00:00",
"db": "VULMON",
"id": "CVE-2018-9320"
},
{
"date": "2018-05-22T00:00:00",
"db": "BID",
"id": "104258"
},
{
"date": "2018-07-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005490"
},
{
"date": "2018-06-29T18:51:18.633000",
"db": "NVD",
"id": "CVE-2018-9320"
},
{
"date": "2020-07-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-1154"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-1154"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural BMW In the series Head Unit HU_NBT Vulnerabilities related to failure of protection mechanisms in components",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005490"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-1154"
}
],
"trust": 0.6
}
}
VAR-201805-1010
Vulnerability from variot - Updated: 2023-12-18 12:01The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows a local attack when a USB device is plugged in. plural BMW In the series Head Unit HU_NBT ( alias Infotainment) The component contains a vulnerability related to failure of the protection mechanism.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. HeadUnitHU_NBT (Infotainment) component is a system of infotainment systems. There are security holes in the HeadUnitHU_NBT component on several BMW cars (cars produced in 2012-2018). There are currently no detailed vulnerability descriptions. BMW Infotainment System Telematics/Control Unit/Central Gateway Module are prone to the following multiple security vulnerabilities: 1. A local code-execution vulnerability 2. A security-bypass vulnerability 3. A denial-of-service vulnerability 4. Multiple remote code-execution vulnerabilities An attacker can leverage these issues to execute arbitrary code with root privileges, bypass certain security restrictions, perform unauthorized actions, or gain sensitive information within the context of the affected system. Failed exploit attempts will likely result in denial of service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201805-1010",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "head unit hu nbt",
"scope": "eq",
"trust": 1.6,
"vendor": "bmw",
"version": null
},
{
"model": "head unit hu nbt",
"scope": null,
"trust": 0.8,
"vendor": "bmw",
"version": null
},
{
"model": "motoren werke ag bmw i series",
"scope": "gte",
"trust": 0.6,
"vendor": "bayerische",
"version": "2012,\u003c=2018"
},
{
"model": "motoren werke ag bmw series",
"scope": "eq",
"trust": 0.6,
"vendor": "bayerische",
"version": "x\u003e=2012,\u003c=2018"
},
{
"model": "motoren werke ag bmw series",
"scope": "eq",
"trust": 0.6,
"vendor": "bayerische",
"version": "3\u003e=2012,\u003c=2018"
},
{
"model": "motoren werke ag bmw series",
"scope": "eq",
"trust": 0.6,
"vendor": "bayerische",
"version": "5\u003e=2012,\u003c=2018"
},
{
"model": "motoren werke ag bmw series",
"scope": "eq",
"trust": 0.6,
"vendor": "bayerische",
"version": "7\u003e=2012,\u003c=2018"
},
{
"model": "infotainment system telematics",
"scope": "eq",
"trust": 0.3,
"vendor": "bmw",
"version": "0"
},
{
"model": "control unit",
"scope": "eq",
"trust": 0.3,
"vendor": "bmw",
"version": "0"
},
{
"model": "central gateway module",
"scope": "eq",
"trust": 0.3,
"vendor": "bmw",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11271"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005486"
},
{
"db": "NVD",
"id": "CVE-2018-9312"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1155"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:bmw:head_unit_hu_nbt_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:bmw:head_unit_hu_nbt:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-9312"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Keen Security Lab and Tencent.",
"sources": [
{
"db": "BID",
"id": "104258"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1155"
}
],
"trust": 0.9
},
"cve": "CVE-2018-9312",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-9312",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-11271",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-139344",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-9312",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-9312",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-11271",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-1155",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-139344",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-9312",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11271"
},
{
"db": "VULHUB",
"id": "VHN-139344"
},
{
"db": "VULMON",
"id": "CVE-2018-9312"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005486"
},
{
"db": "NVD",
"id": "CVE-2018-9312"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1155"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows a local attack when a USB device is plugged in. plural BMW In the series Head Unit HU_NBT ( alias Infotainment) The component contains a vulnerability related to failure of the protection mechanism.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. HeadUnitHU_NBT (Infotainment) component is a system of infotainment systems. There are security holes in the HeadUnitHU_NBT component on several BMW cars (cars produced in 2012-2018). There are currently no detailed vulnerability descriptions. BMW Infotainment System Telematics/Control Unit/Central Gateway Module are prone to the following multiple security vulnerabilities:\n1. A local code-execution vulnerability\n2. A security-bypass vulnerability\n3. A denial-of-service vulnerability\n4. Multiple remote code-execution vulnerabilities\nAn attacker can leverage these issues to execute arbitrary code with root privileges, bypass certain security restrictions, perform unauthorized actions, or gain sensitive information within the context of the affected system. Failed exploit attempts will likely result in denial of service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-9312"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005486"
},
{
"db": "CNVD",
"id": "CNVD-2018-11271"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "VULHUB",
"id": "VHN-139344"
},
{
"db": "VULMON",
"id": "CVE-2018-9312"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-9312",
"trust": 3.5
},
{
"db": "BID",
"id": "104258",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005486",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1155",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-11271",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-139344",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-9312",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11271"
},
{
"db": "VULHUB",
"id": "VHN-139344"
},
{
"db": "VULMON",
"id": "CVE-2018-9312"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005486"
},
{
"db": "NVD",
"id": "CVE-2018-9312"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1155"
}
]
},
"id": "VAR-201805-1010",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11271"
},
{
"db": "VULHUB",
"id": "VHN-139344"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11271"
}
]
},
"last_update_date": "2023-12-18T12:01:56.296000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.bmw.com/en/index.html"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2018/05/23/bmw_security_bugs/"
},
{
"title": "usb-device-security",
"trust": 0.1,
"url": "https://github.com/parallelbeings/usb-device-security "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-9312"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005486"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-693",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-139344"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005486"
},
{
"db": "NVD",
"id": "CVE-2018-9312"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.theregister.co.uk/2018/05/23/bmw_security_bugs/"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/104258"
},
{
"trust": 2.1,
"url": "https://keenlab.tencent.com/en/experimental_security_assessment_of_bmw_cars_by_keenlab.pdf"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-9312"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-9312"
},
{
"trust": 0.3,
"url": "https://www.bmw.com/en/index.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/693.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/parallelbeings/usb-device-security"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11271"
},
{
"db": "VULHUB",
"id": "VHN-139344"
},
{
"db": "VULMON",
"id": "CVE-2018-9312"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005486"
},
{
"db": "NVD",
"id": "CVE-2018-9312"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1155"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-11271"
},
{
"db": "VULHUB",
"id": "VHN-139344"
},
{
"db": "VULMON",
"id": "CVE-2018-9312"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005486"
},
{
"db": "NVD",
"id": "CVE-2018-9312"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1155"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-11271"
},
{
"date": "2018-05-31T00:00:00",
"db": "VULHUB",
"id": "VHN-139344"
},
{
"date": "2018-05-31T00:00:00",
"db": "VULMON",
"id": "CVE-2018-9312"
},
{
"date": "2018-05-22T00:00:00",
"db": "BID",
"id": "104258"
},
{
"date": "2018-07-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005486"
},
{
"date": "2018-05-31T12:29:00.330000",
"db": "NVD",
"id": "CVE-2018-9312"
},
{
"date": "2018-06-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-1155"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-11271"
},
{
"date": "2018-06-29T00:00:00",
"db": "VULHUB",
"id": "VHN-139344"
},
{
"date": "2018-06-29T00:00:00",
"db": "VULMON",
"id": "CVE-2018-9312"
},
{
"date": "2018-05-22T00:00:00",
"db": "BID",
"id": "104258"
},
{
"date": "2018-07-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005486"
},
{
"date": "2018-06-29T18:51:46.747000",
"db": "NVD",
"id": "CVE-2018-9312"
},
{
"date": "2020-07-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-1155"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-1155"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural BMW In the series Head Unit HU_NBT Vulnerabilities related to failure of protection mechanisms in components",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005486"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-1155"
}
],
"trust": 0.6
}
}
VAR-201805-1013
Vulnerability from variot - Updated: 2023-12-18 12:01The Telematics Control Unit (aka Telematic Communication Box or TCB), when present on BMW vehicles produced in 2012 through 2018, allows a remote attack via a cellular network. BMWvehicles and others are automotive products of the German BMW (BayerischeMotorenWerkeAG) company. There is a security hole in the Telematics ControlUnit on the BMW (models produced in 2012-2018). Allows an attacker to conduct a ranged attack. BMW Infotainment System Telematics/Control Unit/Central Gateway Module are prone to the following multiple security vulnerabilities: 1. A local code-execution vulnerability 2. A security-bypass vulnerability 3. A denial-of-service vulnerability 4. Multiple remote code-execution vulnerabilities An attacker can leverage these issues to execute arbitrary code with root privileges, bypass certain security restrictions, perform unauthorized actions, or gain sensitive information within the context of the affected system. Failed exploit attempts will likely result in denial of service conditions. BMW vehicles, etc. Remote attackers can exploit this vulnerability to attack the system
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201805-1013",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "telematics control unit",
"scope": "eq",
"trust": 1.6,
"vendor": "bmw",
"version": null
},
{
"model": "telematics control unit",
"scope": null,
"trust": 0.8,
"vendor": "bmw",
"version": null
},
{
"model": "motoren werke ag infotainment system telematics",
"scope": null,
"trust": 0.6,
"vendor": "bayerische",
"version": null
},
{
"model": "motoren werke ag control unit",
"scope": null,
"trust": 0.6,
"vendor": "bayerische",
"version": null
},
{
"model": "motoren werke ag central gateway module",
"scope": null,
"trust": 0.6,
"vendor": "bayerische",
"version": null
},
{
"model": "infotainment system telematics",
"scope": "eq",
"trust": 0.3,
"vendor": "bmw",
"version": "0"
},
{
"model": "control unit",
"scope": "eq",
"trust": 0.3,
"vendor": "bmw",
"version": "0"
},
{
"model": "central gateway module",
"scope": "eq",
"trust": 0.3,
"vendor": "bmw",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11277"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005489"
},
{
"db": "NVD",
"id": "CVE-2018-9318"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1159"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:bmw:telematics_control_unit_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:bmw:telematics_control_unit:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-9318"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Keen Security Lab and Tencent.",
"sources": [
{
"db": "BID",
"id": "104258"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1159"
}
],
"trust": 0.9
},
"cve": "CVE-2018-9318",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-9318",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-11277",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-139350",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-9318",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-9318",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-11277",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-1159",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-139350",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-9318",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11277"
},
{
"db": "VULHUB",
"id": "VHN-139350"
},
{
"db": "VULMON",
"id": "CVE-2018-9318"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005489"
},
{
"db": "NVD",
"id": "CVE-2018-9318"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1159"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Telematics Control Unit (aka Telematic Communication Box or TCB), when present on BMW vehicles produced in 2012 through 2018, allows a remote attack via a cellular network. BMWvehicles and others are automotive products of the German BMW (BayerischeMotorenWerkeAG) company. There is a security hole in the Telematics ControlUnit on the BMW (models produced in 2012-2018). Allows an attacker to conduct a ranged attack. BMW Infotainment System Telematics/Control Unit/Central Gateway Module are prone to the following multiple security vulnerabilities:\n1. A local code-execution vulnerability\n2. A security-bypass vulnerability\n3. A denial-of-service vulnerability\n4. Multiple remote code-execution vulnerabilities\nAn attacker can leverage these issues to execute arbitrary code with root privileges, bypass certain security restrictions, perform unauthorized actions, or gain sensitive information within the context of the affected system. Failed exploit attempts will likely result in denial of service conditions. BMW vehicles, etc. Remote attackers can exploit this vulnerability to attack the system",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-9318"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005489"
},
{
"db": "CNVD",
"id": "CNVD-2018-11277"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "VULHUB",
"id": "VHN-139350"
},
{
"db": "VULMON",
"id": "CVE-2018-9318"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-9318",
"trust": 3.5
},
{
"db": "BID",
"id": "104258",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005489",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1159",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-11277",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-139350",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-9318",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11277"
},
{
"db": "VULHUB",
"id": "VHN-139350"
},
{
"db": "VULMON",
"id": "CVE-2018-9318"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005489"
},
{
"db": "NVD",
"id": "CVE-2018-9318"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1159"
}
]
},
"id": "VAR-201805-1013",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11277"
},
{
"db": "VULHUB",
"id": "VHN-139350"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11277"
}
]
},
"last_update_date": "2023-12-18T12:01:56.260000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.bmw.com/en/index.html"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2018/05/23/bmw_security_bugs/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-9318"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005489"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-693",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-139350"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005489"
},
{
"db": "NVD",
"id": "CVE-2018-9318"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://www.theregister.co.uk/2018/05/23/bmw_security_bugs/"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/104258"
},
{
"trust": 2.1,
"url": "https://keenlab.tencent.com/en/experimental_security_assessment_of_bmw_cars_by_keenlab.pdf"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-9318"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-9318"
},
{
"trust": 0.3,
"url": "https://www.bmw.com/en/index.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/693.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11277"
},
{
"db": "VULHUB",
"id": "VHN-139350"
},
{
"db": "VULMON",
"id": "CVE-2018-9318"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005489"
},
{
"db": "NVD",
"id": "CVE-2018-9318"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1159"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-11277"
},
{
"db": "VULHUB",
"id": "VHN-139350"
},
{
"db": "VULMON",
"id": "CVE-2018-9318"
},
{
"db": "BID",
"id": "104258"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005489"
},
{
"db": "NVD",
"id": "CVE-2018-9318"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-1159"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-11277"
},
{
"date": "2018-05-31T00:00:00",
"db": "VULHUB",
"id": "VHN-139350"
},
{
"date": "2018-05-31T00:00:00",
"db": "VULMON",
"id": "CVE-2018-9318"
},
{
"date": "2018-05-22T00:00:00",
"db": "BID",
"id": "104258"
},
{
"date": "2018-07-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005489"
},
{
"date": "2018-05-31T12:29:00.487000",
"db": "NVD",
"id": "CVE-2018-9318"
},
{
"date": "2018-06-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-1159"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-11277"
},
{
"date": "2018-06-29T00:00:00",
"db": "VULHUB",
"id": "VHN-139350"
},
{
"date": "2018-06-29T00:00:00",
"db": "VULMON",
"id": "CVE-2018-9318"
},
{
"date": "2018-05-22T00:00:00",
"db": "BID",
"id": "104258"
},
{
"date": "2018-07-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005489"
},
{
"date": "2018-06-29T17:48:37.037000",
"db": "NVD",
"id": "CVE-2018-9318"
},
{
"date": "2020-07-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-1159"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-1159"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "BMW Onboard Telematics Control Unit Vulnerability in protection mechanism",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005489"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-1159"
}
],
"trust": 0.6
}
}