Vulnerability Details CVE-2019-19557
A misconfiguration in the debug interface in Mercedes-Benz HERMES 1 allows an attacker with direct physical access to device hardware to obtain cellular modem information.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 18.2%
CVSS Severity
CVSS v3 Score 2.4
CVSS v2 Score 2.1
References
- https://media.daimler.com/marsMediaSite/en/instance/ko/Mercedes-Benz-and-360-Group-to-join-forces-Mercedes-Benz-and-360-Group-with-its-Cyber-Security-Brain-work-together-to-strengthen-car-IT-security-for-industry.xhtml?oid=45208829
- https://skygo.360.cn/archive/Security-Research-Report-on-Mercedes-Benz-Cars-en.pdf
- https://media.daimler.com/marsMediaSite/en/instance/ko/Mercedes-Benz-and-360-Group-to-join-forces-Mercedes-Benz-and-360-Group-with-its-Cyber-Security-Brain-work-together-to-strengthen-car-IT-security-for-industry.xhtml?oid=45208829
- https://skygo.360.cn/archive/Security-Research-Report-on-Mercedes-Benz-Cars-en.pdf