CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-28901

The Skoda Automotive cloud contains a Broken Access Control vulnerability, allowing remote attackers to obtain recent trip data, vehicle mileage, fuel consumption, average and maximum speed, and other information of Skoda Connect service users by specifying an arbitrary vehicle VIN number.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 19.6%

CVSS Severity

CVSS v3 Score 5.3

References

https://asrg.io/security-advisories/cve-2023-28901/
https://asrg.io/security-advisories/cve-2023-28901/

Products affected by CVE-2023-28901

Skoda-Auto » Skoda Connect » Version: N/A

cpe:2.3:a:skoda-auto:skoda_connect:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-28901

Products

Pricing

Contact Us