CVE-2023-39075

CVE-2023-39075 is a medium-severity vulnerability in Renault Zoe Ev 2021 Firmware with a CVSS 3.x base score of 4.6. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.

Key facts

Description

Renault Zoe EV 2021 automotive infotainment system versions 283C35202R to 283C35519R (builds 11.10.2021 to 16.01.2023) allows attackers to crash the infotainment system by sending arbitrary USB data via a USB device.

Frequently asked questions

What is CVE-2023-39075?
Renault Zoe EV 2021 automotive infotainment system versions 283C35202R to 283C35519R (builds 11.10.2021 to 16.01.2023) allows attackers to crash the infotainment system by sending arbitrary USB data via a USB device.
How severe is CVE-2023-39075?
CVE-2023-39075 has a CVSS 3.x base score of 4.6, rated medium severity. It is exploitable over physical access with low attack complexity, requires no privileges and no user interaction. Impact on confidentiality is none, integrity none, and availability high.
Is CVE-2023-39075 being actively exploited?
It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (36th percentile), an estimate of the probability of exploitation in the next 30 days.
What products are affected by CVE-2023-39075?
CVE-2023-39075 affects Renault Zoe Ev 2021 Firmware. See the affected-products list for the exact vulnerable versions.
How do I fix CVE-2023-39075?
Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
When was CVE-2023-39075 published?
CVE-2023-39075 was published on 2023-08-03 and last updated on 2026-06-17.

References

Affected products (1)