Skoda-auto Superb 3 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Skoda-auto Superb 3 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2023-28898 — CVSS 5.3 (medium): The Real-Time Streaming Protocol implementation in the MIB3 infotainment incorrectly handles requests to /logs URI, when the id parameter…
CVE-2023-28899 — CVSS 4.7 (medium): By sending a specific reset UDS request via OBDII port of Skoda vehicles, it is possible to cause vehicle engine shutdown and denial of…
CVE-2023-28897 — CVSS 4.0 (medium): The secret value used for access to critical UDS services of the MIB3 infotainment is hardcoded in the firmware. Vulnerability discovered…