CVE-2024-6347 – Unauthorized access to ECU functionality

https://notcve.org/view.php?id=CVE-2024-6347

15 Aug 2024 — * Unprotected privileged mode access through UDS session in the Blind Spot Detection Sensor ECU firmware in Nissan Altima (2022) allows attackers to trigger denial-of-service (DoS) by unauthorized access to the ECU's programming session. * No preconditions implemented for ECU management functionality through UDS session in the Blind Spot Detection Sensor ECU in Nissan Altima (2022) allows attackers to disrupt normal ECU operations by triggering a control command without authentication. • https://asrg.io/security-advisories/CVE-2024-6347 • CWE-285: Improper Authorization CWE-306: Missing Authentication for Critical Function •