The Skoda Automotive cloud contains a Broken Access Control vulnerability, allowing remote attackers to obtain recent trip data, vehicle mileage, fuel consumption, average and maximum speed, and other information of Skoda Connect service users by specifying an arbitrary vehicle VIN number.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: ASRG

Published: 2024-01-18T16:27:43.711Z

Updated: 2024-08-02T13:51:38.996Z

Reserved: 2023-03-27T14:51:13.968Z

Link: CVE-2023-28901

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2024-01-18T17:15:14.003

Modified: 2024-11-21T07:56:14.760

Link: CVE-2023-28901

cve-icon Redhat

No data.