* Unprotected privileged mode access through UDS session in the Blind Spot Detection Sensor ECU firmware in Nissan Altima (2022) allows attackers to trigger denial-of-service (DoS) by unauthorized access to the ECU's programming session.
* No preconditions implemented for ECU management functionality through UDS session in the Blind Spot Detection Sensor ECU in Nissan Altima (2022) allows attackers to disrupt normal ECU operations by triggering a control command without authentication.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://asrg.io/security-advisories/CVE-2024-6347 |
History
Fri, 16 Aug 2024 15:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Nissan-global
Nissan-global altima Nissan-global blind Spot Detection Sensor Ecu Firmware |
|
Weaknesses | NVD-CWE-noinfo | |
CPEs | cpe:2.3:h:nissan-global:altima:2022:*:*:*:*:*:*:* cpe:2.3:o:nissan-global:blind_spot_detection_sensor_ecu_firmware:-:*:*:*:*:*:*:* |
|
Vendors & Products |
Nissan-global
Nissan-global altima Nissan-global blind Spot Detection Sensor Ecu Firmware |
|
Metrics |
cvssV3_1
|
Thu, 15 Aug 2024 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 15 Aug 2024 14:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | * Unprotected privileged mode access through UDS session in the Blind Spot Detection Sensor ECU firmware in Nissan Altima (2022) allows attackers to trigger denial-of-service (DoS) by unauthorized access to the ECU's programming session. * No preconditions implemented for ECU management functionality through UDS session in the Blind Spot Detection Sensor ECU in Nissan Altima (2022) allows attackers to disrupt normal ECU operations by triggering a control command without authentication. | |
Title | Unauthorized access to ECU functionality | |
Weaknesses | CWE-285 CWE-306 |
|
References |
| |
Metrics |
cvssV4_0
|
MITRE
Status: PUBLISHED
Assigner: ASRG
Published: 2024-08-15T14:37:38.448Z
Updated: 2024-08-15T15:32:49.639Z
Reserved: 2024-06-26T10:31:24.420Z
Link: CVE-2024-6347
Vulnrichment
Updated: 2024-08-15T15:32:41.757Z
NVD
Status : Analyzed
Published: 2024-08-15T15:15:22.093
Modified: 2024-08-16T14:33:42.730
Link: CVE-2024-6347
Redhat
No data.