The Skoda Automotive cloud contains a Broken Access Control vulnerability, allowing remote attackers to obtain recent trip data, vehicle mileage, fuel consumption, average and maximum speed, and other information of Skoda Connect service users by specifying an arbitrary vehicle VIN number.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://asrg.io/security-advisories/cve-2023-28901/ |
History
No history.
MITRE
Status: PUBLISHED
Assigner: ASRG
Published: 2024-01-18T16:27:43.711Z
Updated: 2024-08-02T13:51:38.996Z
Reserved: 2023-03-27T14:51:13.968Z
Link: CVE-2023-28901
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2024-01-18T17:15:14.003
Modified: 2024-01-26T15:01:23.443
Link: CVE-2023-28901
Redhat
No data.