CVSS: 3.3EPSS: %CPEs: 1EXPL: 0CVE-2023-28902 – Denial of Service via integer underflow in picserver
https://notcve.org/view.php?id=CVE-2023-28902
28 Jun 2025 — An integer underflow in the image processing binary of the MIB3 infotainment unit allows an attacker with local access to the vehicle to cause denial-of-service of the infotainment system. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources. • https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 3.3EPSS: %CPEs: 1EXPL: 0CVE-2023-28903
https://notcve.org/view.php?id=CVE-2023-28903
28 Jun 2025 — An integer overflow in the image processing binary of the MIB3 infotainment unit allows an attacker with local access to the vehicle to cause a denial-of-service of the infotainment system. • https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.2EPSS: %CPEs: 1EXPL: 0CVE-2023-28904 – Bypass of secure boot process
https://notcve.org/view.php?id=CVE-2023-28904
28 Jun 2025 — A logic flaw leading to a RAM buffer overflow in the bootloader component of the MIB3 infotainment unit allows an attacker with physical access to the MIB3 ECU to bypass firmware signature verification and run arbitrary code in the infotainment system at boot process. • https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.0EPSS: %CPEs: 1EXPL: 0CVE-2023-28905 – Heap buffer overflow in picserver
https://notcve.org/view.php?id=CVE-2023-28905
28 Jun 2025 — A heap buffer overflow in the image processing binary of the MIB3 infotainment unit allows an attacker to execute arbitrary code on it. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources. • https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: %CPEs: 1EXPL: 0CVE-2023-28906 – Command injection in networking service
https://notcve.org/view.php?id=CVE-2023-28906
28 Jun 2025 — A command injection in the networking service of the MIB3 infotainment allows an attacker already presenting in the system to escalate privileges and obtain administrative access to the system. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources. • https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.7EPSS: %CPEs: 1EXPL: 0CVE-2023-28907 – A lack of access restrictions on internal memory regions
https://notcve.org/view.php?id=CVE-2023-28907
28 Jun 2025 — There is no memory isolation between CPU cores of the MIB3 infotainment. This fact allows an attacker with access to the main operating system to compromise the CPU core responsible for CAN message processing. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources. • https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2 • CWE-284: Improper Access Control •
CVSS: 5.4EPSS: %CPEs: 1EXPL: 0CVE-2023-28908 – Integer Overflow in Non-Fragmented Data Reception
https://notcve.org/view.php?id=CVE-2023-28908
28 Jun 2025 — A specific flaw exists within the Bluetooth stack of the MIB3 infotainment. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow when receiving non-fragmented HCI packets on a channel. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources. • https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.0EPSS: %CPEs: 1EXPL: 0CVE-2023-28909 – Integer Overflow Leading to MTU Bypass
https://notcve.org/view.php?id=CVE-2023-28909
28 Jun 2025 — A specific flaw exists within the Bluetooth stack of the MIB3 unit. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow when receiving fragmented HCI packets on a channel. An attacker can leverage this vulnerability to bypass the MTU check on a channel with enabled fragmentation. Consequently, this can lead to a buffer overflow in upper layer profiles, which can be used to obtain remote code execution. The vulnerability was originally discovere... • https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.0EPSS: %CPEs: 1EXPL: 0CVE-2023-28910 – Disabled Abortion Flag
https://notcve.org/view.php?id=CVE-2023-28910
28 Jun 2025 — A specific flaw exists within the Bluetooth stack of the MIB3 infotainment system. The issue results from the disabled abortion flag eventually leading to bypassing assertion functions. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources. • https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 6.5EPSS: %CPEs: 1EXPL: 0CVE-2023-28911 – Arbitrary Channel Disconnection Resulting in Denial of Service
https://notcve.org/view.php?id=CVE-2023-28911
28 Jun 2025 — A specific flaw exists within the Bluetooth stack of the MIB3 infotainment. The issue results from the lack of proper validation of user-supplied data, which can result in an arbitrary channel disconnection. An attacker can leverage this vulnerability to cause a denial-of-service attack for every connected client of the infotainment device. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is ... • https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2 • CWE-20: Improper Input Validation •