Vulnerability Details CVE-2023-28895
The password for access to the debugging console of the PoWer Controller chip (PWC) of the MIB3 infotainment is hard-coded in the firmware. The console allows attackers with physical access to the MIB3 unit to gain full control over the PWC chip.
Vulnerability found on Škoda Superb III (3V3) - 2.0 TDI manufactured in 2022.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.7%
CVSS Severity
CVSS v3 Score 3.5
References
Products affected by CVE-2023-28895
-
cpe:2.3:h:preh:mib3:-
-
cpe:2.3:o:preh:mib3_firmware:-