CVE-2023-34397: High severity Mercedes-Benz Headunit Ntg6 Mercedes-benz User Experience vulnerability
Published Feb 13, 2025
·Updated
Mercedes Benz head-unit NTG 6 contains functions to import or export profile settings over USB. During parsing you can trigger that the service will be crashed.
Affected Software
1 affected component
Mercedes-Benz Headunit Ntg6 Mercedes-benz User Experience<=2021
Event History
Feb 13, 2025
CVE Published
via MITRE·12:00 AM
Data Sourced
via MITRE·12:00 AM
Description
Data Sourced
via NVD·10:15 PM
DescriptionSeverityWeaknessAffected Software
Frequently Asked Questions
1
What is the severity of CVE-2023-34397?
CVE-2023-34397 is classified as a high-severity vulnerability due to its risk of crashing the service.
2
How do I fix CVE-2023-34397?
To mitigate CVE-2023-34397, ensure that your Mercedes-Benz head-unit NTG 6 software is updated to the latest version beyond 2021.
3
What are the potential impacts of CVE-2023-34397?
CVE-2023-34397 could lead to denial of service by crashing the head-unit when importing or exporting profile settings.
4
Is CVE-2023-34397 automatically exploited?
CVE-2023-34397 requires manual actions, such as using a USB device to exploit the vulnerability.
5
Who is affected by CVE-2023-34397?
CVE-2023-34397 affects users of the Mercedes-Benz head-unit NTG 6 model up to version 2021.