{"vulnerability": "CVE-2023-2624", "sightings": [{"uuid": "8aba51ad-92b3-4c1b-b56f-06d255ee721d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26249", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7623", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-26249\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causing a denial of service. Specifically, a single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response.\n\ud83d\udccf Published: 2023-02-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-14T18:32:24.994Z\n\ud83d\udd17 References:\n1. https://www.knot-resolver.cz/2023-01-26-knot-resolver-5.6.0.html", "creation_timestamp": "2025-03-14T18:44:56.000000Z"}, {"uuid": "7e96e6ee-a35b-42ea-b17a-252f093f5e83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-26242", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "ee8352db-8261-4907-bd13-84b61dcf91ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26245", "type": "seen", "source": "https://t.me/arpsyndicate/1637", "content": "#ExploitObserverAlert\n\nCVE-2023-26245\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-26245. An issue was discovered in the Hyundai Gen5W_L in-vehicle infotainment system AE_E_PE_EUR.S5W_L001.001.211214. The AppUpgrade binary file, which is used during the firmware installation process, can be modified by an attacker to bypass the version check in order to install any firmware version (e.g., newer, older, or customized). This indirectly allows an attacker to install custom firmware in the IVI system.\n\nFIRST-EPSS: 0.000420000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-10T14:41:02.000000Z"}, {"uuid": "098da48e-d0cb-427d-9a1d-e83947b4f7c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26248", "type": "seen", "source": "https://t.me/cvedetector/8952", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-26248 - IPFS go-libp2p-kad-dht Sybil Attack\", \n  \"Content\": \"CVE ID : CVE-2023-26248 \nPublished : Oct. 25, 2024, 4:15 p.m. | 23\u00a0minutes ago \nDescription : The Kademlia DHT (go-libp2p-kad-dht 0.20.0 and earlier) used in IPFS (0.18.1 and earlier) assigns routing information for content (i.e., information about who holds the content) to be stored by peers whose peer IDs have a small DHT distance from the content ID. This allows an attacker to censor content by generating many Sybil peers whose peer IDs have a small distance from the content ID, thus hijacking the content resolution process. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-25T18:45:23.000000Z"}, {"uuid": "4a0f2a7a-10aa-4751-844f-8a3631f7e45d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26246", "type": "seen", "source": "https://t.me/arpsyndicate/520", "content": "#ExploitObserverAlert\n\nCVE-2023-26246\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-26246. An issue was discovered in the Hyundai Gen5W_L in-vehicle infotainment system AE_E_PE_EUR.S5W_L001.001.211214. The AppUpgrade binary file, which is used during the firmware installation process, can be modified by an attacker to bypass the digital signature check. This indirectly allows an attacker to install custom firmware in the IVI system.\n\nFIRST-EPSS: 0.000420000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-11-24T07:35:40.000000Z"}, {"uuid": "a93dae19-6816-412a-bbe1-6b4fc17a0137", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26244", "type": "seen", "source": "https://t.me/arpsyndicate/519", "content": "#ExploitObserverAlert\n\nCVE-2023-26244\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-26244. An issue was discovered in the Hyundai Gen5W_L in-vehicle infotainment system AE_E_PE_EUR.S5W_L001.001.211214. The AppDMClient binary file, which is used during the firmware installation process, can be modified by an attacker to bypass the digital signature check of AppUpgrade and .lge.upgrade.xml files, which are used during the firmware installation process. This indirectly allows an attacker to use a custom version of AppUpgrade and .lge.upgrade.xml files.\n\nFIRST-EPSS: 0.000420000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-11-24T07:11:36.000000Z"}, {"uuid": "165e9940-420c-4caf-b8ad-40a16b6d53aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26245", "type": "seen", "source": "https://t.me/cibsecurity/62961", "content": "\u203c CVE-2023-26245 \u203c\n\nAn issue was discovered in the Hyundai Gen5W_L in-vehicle infotainment system AE_E_PE_EUR.S5W_L001.001.211214. The AppUpgrade binary file, which is used during the firmware installation process, can be modified by an attacker to bypass the version check in order to install any firmware version (e.g., newer, older, or customized). This indirectly allows an attacker to install custom firmware in the IVI system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-27T07:39:58.000000Z"}, {"uuid": "95aaadbe-7b22-4e2c-8136-df823ef22542", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26246", "type": "seen", "source": "https://t.me/arpsyndicate/1624", "content": "#ExploitObserverAlert\n\nCVE-2023-26246\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-26246. An issue was discovered in the Hyundai Gen5W_L in-vehicle infotainment system AE_E_PE_EUR.S5W_L001.001.211214. The AppUpgrade binary file, which is used during the firmware installation process, can be modified by an attacker to bypass the digital signature check. This indirectly allows an attacker to install custom firmware in the IVI system.\n\nFIRST-EPSS: 0.000420000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-10T13:06:47.000000Z"}, {"uuid": "f0cfa859-27ac-4262-8ce9-ca2b0d6fcf3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26243", "type": "seen", "source": "https://t.me/arpsyndicate/1653", "content": "#ExploitObserverAlert\n\nCVE-2023-26243\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-26243. An issue was discovered in the Hyundai Gen5W_L in-vehicle infotainment system AE_E_PE_EUR.S5W_L001.001.211214. The decryption binary used to decrypt firmware files has an information leak that allows an attacker to read the AES key and initialization vector from memory. An attacker may exploit this to create custom firmware that may be installed in the IVI system. Then, an attacker may be able to install a backdoor in the IVI system that may allow him to control it, if it is connected to the Internet through Wi-Fi.\n\nFIRST-EPSS: 0.000420000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-10T16:20:18.000000Z"}, {"uuid": "1e6f68b4-8a23-403a-aa10-1a389b0b9e90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26244", "type": "seen", "source": "https://t.me/arpsyndicate/1631", "content": "#ExploitObserverAlert\n\nCVE-2023-26244\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-26244. An issue was discovered in the Hyundai Gen5W_L in-vehicle infotainment system AE_E_PE_EUR.S5W_L001.001.211214. The AppDMClient binary file, which is used during the firmware installation process, can be modified by an attacker to bypass the digital signature check of AppUpgrade and .lge.upgrade.xml files, which are used during the firmware installation process. This indirectly allows an attacker to use a custom version of AppUpgrade and .lge.upgrade.xml files.\n\nFIRST-EPSS: 0.000420000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-10T14:04:57.000000Z"}, {"uuid": "8a4dd133-ed3d-42c6-950b-7bf90232c3d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26243", "type": "seen", "source": "https://t.me/cibsecurity/62959", "content": "\u203c CVE-2023-26243 \u203c\n\nAn issue was discovered in the Hyundai Gen5W_L in-vehicle infotainment system AE_E_PE_EUR.S5W_L001.001.211214. The decryption binary used to decrypt firmware files has an information leak that allows an attacker to read the AES key and initialization vector from memory. An attacker may exploit this to create custom firmware that may be installed in the IVI system. Then, an attacker may be able to install a backdoor in the IVI system that may allow him to control it, if it is connected to the Internet through Wi-Fi.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-27T07:39:56.000000Z"}, {"uuid": "22654e47-83c9-4ce4-a51d-7f2626985518", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26244", "type": "seen", "source": "https://t.me/cibsecurity/62958", "content": "\u203c CVE-2023-26244 \u203c\n\nAn issue was discovered in the Hyundai Gen5W_L in-vehicle infotainment system AE_E_PE_EUR.S5W_L001.001.211214. The AppDMClient binary file, which is used during the firmware installation process, can be modified by an attacker to bypass the digital signature check of AppUpgrade and .lge.upgrade.xml files, which are used during the firmware installation process. This indirectly allows an attacker to use a custom version of AppUpgrade and .lge.upgrade.xml files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-27T07:39:52.000000Z"}, {"uuid": "426b483c-2942-47ad-ae46-7e9ff3d940df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26242", "type": "seen", "source": "https://t.me/cibsecurity/58560", "content": "\u203c CVE-2023-26242 \u203c\n\nafu_mmio_region_get_by_offset in drivers/fpga/dfl-afu-region.c in the Linux kernel through 6.1.12 has an integer overflow.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-25T07:33:15.000000Z"}, {"uuid": "b6aa431c-1504-4393-8715-2689d03b5fed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26249", "type": "seen", "source": "https://t.me/cibsecurity/58556", "content": "\u203c CVE-2023-26249 \u203c\n\nKnot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causing a denial of service. Specifically, a single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-21T07:26:38.000000Z"}]}