CVE-2023-28903
LOWVolkswagen MIB3 <0304 - DoS via Integer Overflow in Image Processing
Title source: llmDescription
An integer overflow in the image processing binary of the MIB3 infotainment unit allows an attacker with local access to the vehicle to cause a denial-of-service of the infotainment system.
References (3)
Core 3
Core References
Vendor Advisory technical-description
https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-vw-mib3-infotainment-2
Various Sources third-party-advisory
https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2/
Scores
CVSS v3
3.3
EPSS
0.0021
EPSS Percentile
10.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-190
Status
published
Products (1)
Preh Car Connect GmbH (JOYNEXT GmbH)/Volkswagen MIB3 infotainment system MIB3 OI MQB
< 0304
Published
Jun 28, 2025
Tracked Since
Feb 18, 2026