The Skoda Automotive cloud contains a Broken Access Control vulnerability, allowing remote attackers to obtain recent trip data, vehicle mileage, fuel consumption, average and maximum speed, and other information of Skoda Connect service users by specifying an arbitrary vehicle VIN number.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://asrg.io/security-advisories/cve-2023-28901/ |
History
No history.
MITRE
Status: PUBLISHED
Assigner: ASRG
Published: 2024-01-18T16:27:43.711Z
Updated: 2024-08-02T13:51:38.996Z
Reserved: 2023-03-27T14:51:13.968Z
Link: CVE-2023-28901
Vulnrichment
No data.
NVD
Status : Modified
Published: 2024-01-18T17:15:14.003
Modified: 2024-11-21T07:56:14.760
Link: CVE-2023-28901
Redhat
No data.