Authentication flaw

2020-11-1600:15:00

PRIOn knowledge base

www.prio-n.com

4.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

41.5%

JSON

An authentication bypass in the debug interface in Mercedes-Benz HERMES 2.1 allows an attacker with physical access to device hardware to obtain system information.

CPENameOperatorVersion
hermeseq2.1

CPE	Name	Operator	Version
	hermes	eq	2.1

References

media.daimler.com/marsMediaSite/en/instance/ko/Mercedes-Benz-and-360-Group-to-join-forces-Mercedes-Benz-and-360-Group-with-its-Cyber-Security-Brain-work-together-to-strengthen-car-IT-security-for-industry.xhtml?oid=45208829

skygo.360.cn/archive/Security-Research-Report-on-Mercedes-Benz-Cars-en.pdf