CVE-2024-37600: Buffer Overflow
An issue was discovered in Mercedes Benz NTG (New Telematics Generation) 6 through 2021. A possible stack buffer overflow in the Service Broker service affects NTG 6 head units. To perform this attack, physical access to the Ethernet pins of the head unit base board is needed. With a static IP address, an attacker can connect via the internal network to the Service Broker service. With prepared HTTP requests, an attacker can cause the Service Broker service to fail.
Frequently Asked Questions
What is the severity of CVE-2024-37600?
CVE-2024-37600 has been rated as high severity due to the risk of a stack buffer overflow in the Service Broker service.
How do I fix CVE-2024-37600?
To mitigate CVE-2024-37600, users should ensure that physical access to the affected NTG 6 head units is restricted.
Which versions of Mercedes Benz NTG 6 are affected by CVE-2024-37600?
CVE-2024-37600 affects all versions of Mercedes Benz NTG 6 produced through 2021.
What are the potential impacts of exploiting CVE-2024-37600?
Exploitation of CVE-2024-37600 could lead to unauthorized access and possible manipulation of the affected head unit's functions.
Is physical access required to exploit CVE-2024-37600?
Yes, exploiting CVE-2024-37600 requires physical access to the Ethernet pins of the NTG 6 head unit base board.