Lucene search

MitreCVE-2023-39076

HistorySep 08, 2023 - 1:15 p.m.

CVE-2023-39076

2023-09-0813:15:07

mitre

web.nvd.nist.gov

cve-2023-39076

general motors

chevrolet equinox

2021 software

dos

nvd

CVSS3

4.6

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

4.7

Confidence

High

EPSS

Percentile

10.3%

JSON

Injecting random data into the USB memory area on a General Motors (GM) Chevrolet Equinox 2021 Software. 2021.03.26 (build version) vehicle causes a Denial of Service (DoS) in the in-car infotainment system.

Affected configurations

Nvd

Node

gmmylink_infotainment_systemMatch2021.3.26

AND

gmchevrolet_equinoxMatch2021

VendorProductVersionCPE
gmmylink_infotainment_system2021.3.26cpe:2.3:a:gm:mylink_infotainment_system:2021.3.26:*:*:*:*:*:*:*
gmchevrolet_equinox2021cpe:2.3:h:gm:chevrolet_equinox:2021:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
gm	mylink_infotainment_system	2021.3.26	cpe:2.3:a:gm:mylink_infotainment_system:2021.3.26:::::::*
gm	chevrolet_equinox	2021	cpe:2.3:h:gm:chevrolet_equinox:2021:::::::*

References

blog.dhjeong.kr/posts/vuln/202307/gm-chevrolet/

blog.jhyeon.dev/posts/vuln/202307/gm-chevrolet/

nvd.nist.gov/vuln/detail/CVE-2023-39076

CVSS3

4.6

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

4.7

Confidence

High

EPSS

Percentile

10.3%

JSON

Related for CVE-2023-39076