// For flags

CVE-2018-1170

Volkswagen Customer-Link App Protection Mechanism Failure CAN Message Injection Vulnerability

Severity Score

8.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

This vulnerability allows adjacent attackers to inject arbitrary Controller Area Network messages on vulnerable installations of Volkswagen Customer-Link App 1.30 and HTC Customer-Link Bridge. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Customer-Link App and Customer-Link Bridge. The issue results from the lack of a proper protection mechanism against unauthorized firmware updates. An attacker can leverage this vulnerability to inject CAN messages. Was ZDI-CAN-5264.

Esta vulnerabilidad permite que atacantes adyacentes inyecten mensajes Controller Area Network arbitrarios en instalaciones vulnerables de Volkswagen Customer-Link App 1.30 y HTC Customer-Link Bridge. No se requiere autenticación para explotar esta vulnerabilidad. Este error en concreto existe en Customer-Link App y Customer-Link Bridge. El problema resulta de la falta de un mecanismo de protección adecuado contra actualizaciones de firmware no autorizadas. Un atacante puede aprovechar esta vulnerabilidad para inyectar mensajes CAN. Anteriormente era ZDI-CAN-5264.

This vulnerability allows adjacent attackers to inject arbitrary Controller Area Network messages on vulnerable installations of Volkswagen Customer-Link App and HTC Customer-Link Bridge. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the Customer-Link App and Customer-Link Bridge. The issue results from the lack of a proper protection mechanism against unauthorized firmware updates. An attacker can leverage this vulnerability to inject CAN messages.

*Credits: Aaron LuoSpencer Hsieh (TrendMicro)
CVSS Scores
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Adjacent
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2017-12-05 CVE Reserved
  • 2018-02-27 CVE Published
  • 2023-07-23 EPSS Updated
  • 2024-08-05 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-693: Protection Mechanism Failure
CAPEC
References (1)
URL Tag Source
https://zerodayinitiative.com/advisories/ZDI-18-214 Third Party Advisory
URL Date SRC
URL Date SRC
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Htc
Search vendor "Htc"
 Customer-link Bridge
Search vendor "Htc" for product "Customer-link Bridge"
--
Affected
Volkswagen
Search vendor "Volkswagen"
 Customer-link
Search vendor "Volkswagen" for product "Customer-link"
 1.30
Search vendor "Volkswagen" for product "Customer-link" and version "1.30"
-
Affected