Cyber Posture

CVE-2023-34402

High

Published: 13 February 2025
Modified: 27 June 2025
KEV Added: none recorded
Patch: none recorded
CVSS Score: 7.7 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H)
EPSS Score: 0.0014 (34.3rd percentile)
Risk Priority: 15 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Description

Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Inside the file is encapsulated another file, which the service will drop during processing. Due to missing checks, an attacker can achieve Arbitrary File Write with the speech service's rights.

Security Summary

CVE-2023-34402 is a vulnerability in the Mercedes-Benz head-unit NTG6, which offers functions for importing and exporting profile settings over USB. The imported profile file encapsulates a second file, which the service extracts and writes to disk ("drops") while processing the import. Because the importer performs no checks on that embedded file, an attacker can achieve an arbitrary file write with the privileges of the speech service. The issue is associated with CWE-787 and carries a CVSS score of 7.7 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H).

An attacker with local access to the vehicle can exploit the vulnerability by placing a crafted profile file on a USB storage device and having it imported; the vector scores this as requiring no privileges on the head unit and no further user interaction (AV:L/PR:N/UI:N). Exploitation yields an arbitrary file write under the speech service's rights, which the vector rates as high impact on integrity and availability and no impact on confidentiality (C:N/I:H/A:H).
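The following is an added illustration of the bug class described above; it is not code from the advisory, from Kaspersky's research, or from Mercedes-Benz. The container layout (a magic value, an embedded file name, a length-prefixed payload), the function names and the `profiles` destination directory are all hypothetical, since the real NTG6 profile format is not reproduced on this page. The vulnerable path joins the embedded name to the destination directory verbatim; the hardened path rejects absolute names, canonicalises the target and refuses anything that does not resolve to a direct child of the profile directory.

```python
"""Added example: an importer that drops an embedded file from a profile container.

Hypothetical format and names; not the NTG6 implementation.
"""
import os
import struct
import tempfile

MAGIC = b"PROF"  # hypothetical outer-container magic


def pack_profile(inner_name: bytes, payload: bytes) -> bytes:
    """Build a blob: magic | u16 name length | name | u32 payload length | payload."""
    return (MAGIC + struct.pack(">H", len(inner_name)) + inner_name
            + struct.pack(">I", len(payload)) + payload)


def parse_profile(blob: bytes) -> tuple:
    """Parse the outer container and return (inner_name, payload).

    Both length fields are bounds-checked so a truncated blob is rejected
    rather than read past its end.
    """
    if len(blob) < 6 or blob[:4] != MAGIC:
        raise ValueError("bad magic")
    (name_len,) = struct.unpack(">H", blob[4:6])
    name = blob[6:6 + name_len]
    if len(name) != name_len:
        raise ValueError("truncated name")
    off = 6 + name_len
    if len(blob) < off + 4:
        raise ValueError("truncated length field")
    (payload_len,) = struct.unpack(">I", blob[off:off + 4])
    payload = blob[off + 4:off + 4 + payload_len]
    if len(payload) != payload_len:
        raise ValueError("truncated payload")
    return name.decode("utf-8"), payload


def vulnerable_target_path(base_dir: str, inner_name: str) -> str:
    """The missing check: the embedded name is joined verbatim.

    '../' segments walk out of base_dir, and an absolute name makes
    os.path.join discard base_dir entirely.
    """
    return os.path.join(base_dir, inner_name)


def safe_target_path(base_dir: str, inner_name: str) -> str:
    """Confine the write to base_dir; raise ValueError otherwise.

    Policy (hypothetical): one flat directory, no subpaths, no absolute names.
    realpath() on both sides also neutralises a symlink planted inside
    base_dir by an earlier import.
    """
    if not inner_name or "\x00" in inner_name or os.path.isabs(inner_name):
        raise ValueError("rejected inner file name")
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, inner_name))
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError("inner file name escapes the profile directory")
    if os.path.dirname(candidate) != base:
        raise ValueError("subdirectories are not allowed")
    return candidate


def is_confined(base_dir: str, inner_name: str) -> bool:
    """True if safe_target_path() would accept this name."""
    try:
        safe_target_path(base_dir, inner_name)
        return True
    except ValueError:
        return False


def import_profile(blob: bytes, base_dir: str, hardened: bool = True) -> str:
    """Write the inner file to disk as the importer would; return the path written."""
    inner_name, payload = parse_profile(blob)
    if hardened:
        target = safe_target_path(base_dir, inner_name)
        # O_NOFOLLOW: do not follow a symlink sitting at the final path component.
        flags = os.O_WRONLY | os.O_CREAT | os.O_TRUNC | getattr(os, "O_NOFOLLOW", 0)
        with os.fdopen(os.open(target, flags, 0o600), "wb") as f:
            f.write(payload)
    else:
        target = vulnerable_target_path(base_dir, inner_name)
        os.makedirs(os.path.dirname(target), exist_ok=True)
        with open(target, "wb") as f:
            f.write(payload)
    return target


if __name__ == "__main__":
    # Constructed demo: a benign profile and one whose inner name traverses upward.
    root = tempfile.mkdtemp()
    profiles = os.path.join(root, "profiles")
    os.makedirs(profiles)
    benign = pack_profile(b"user1.bin", b"\x01\x02")
    evil = pack_profile(b"../outside.txt", b"owned")
    print("benign     ->", import_profile(benign, profiles))
    print("vulnerable ->", import_profile(evil, profiles, hardened=False))  # lands in root/
    try:
        import_profile(evil, profiles)
    except ValueError as e:
        print("hardened   -> rejected:", e)
```

The two escape routes worth checking in any such importer are the ones the vulnerable function exposes: `..` segments in a relative name, and an absolute name that `os.path.join` silently honours. On a real head unit the service should additionally run with a dedicated user and a writable area limited to its own profile store, so that even a confinement bypass cannot reach other services' files.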

The primary advisory reference is available at https://securelist.com/mercedes-benz-head-unit-security-research/115218/, which details the Mercedes-Benz head-unit security research.

Details

CWE(s)
CWE-787

Affected Products

Vendor: mercedes-benz
Product: headunit ntg6 mercedes-benz user experience
Versions: ≤ 2021

References