CVE-2023-34399
CRITICALMercedes-Benz Headunit NTG6 < 2021 - Integer Overflow in Boost Library Serialization
Title source: llmDescription
Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Some values of this table are serialized archive according boost library. The version of boost library contains vulnerability integer overflow.
References (1)
Core 1
Core References
Third Party Advisory
https://securelist.com/mercedes-benz-head-unit-security-research/115218/
Scores
CVSS v3
9.8
EPSS
0.0069
EPSS Percentile
47.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
CWE
CWE-190
Status
published
Products (1)
mercedes-benz/headunit_ntg6_mercedes-benz_user_experience
< 2021
Published
Feb 13, 2025
Tracked Since
Feb 18, 2026