CVE-2024-8357 – Visteon Infotainment App SoC Missing Immutable Root of Trust in Hardware Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-8357
An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the boot process. •
CVE-2024-8359 – Visteon Infotainment REFLASH_DDU_FindFile Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-8359
This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Visteon Infotainment systems. ... An attacker can leverage this vulnerability to execute code in the context of the device. •
CVE-2024-8356 – Visteon Infotainment VIP MCU Code Insufficient Validation of Data Authenticity Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-8356
An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the firmware update process of the VIP microcontroller. ... An attacker can leverage this vulnerability to escalate privileges execute arbitrary code in the context of the VIP MCU. •
CVE-2024-8358 – Visteon Infotainment UPDATES_ExtractFile Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-8358
This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Visteon Infotainment systems. ... An attacker can leverage this vulnerability to execute code in the context of the device. •
CVE-2024-8360 – Visteon Infotainment REFLASH_DDU_ExtractFile Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-8360
This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Visteon Infotainment systems. ... An attacker can leverage this vulnerability to execute code in the context of the device. •