CVE Vulnerabilities

CVE-2023-28899

Published: Jan 12, 2024 | Modified: Jan 22, 2024
CVSS 3.x
5.5
MEDIUM
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

By sending a specific reset UDS request via OBDII port of Skoda vehicles, it is possible to cause vehicle engine shutdown and denial of service of other vehicle components even when the vehicle is moving at a high speed. No safety critical functions affected. 

Affected Software

Name Vendor Start Version End Version
Superb_3_firmware Skoda-auto - (including) - (including)

References