Predictable seed generation in the security access mechanism of UDS in the Blind Spot Protection Sensor ECU in Nissan Altima (2022) allows attackers to predict the requested seeds and bypass security controls via repeated ECU resets and seed requests.
References
Link | Resource |
---|---|
https://asrg.io/security-advisories/ | Not Applicable |
Configurations
Configuration 1 (hide)
AND |
|
History
20 Aug 2024, 16:17
Type | Values Removed | Values Added |
---|---|---|
First Time |
Nissan-global
Nissan-global altima Nissan-global blind Spot Protection Sensor Ecu Firmware |
|
CPE | cpe:2.3:h:nissan-global:altima:2022:*:*:*:*:*:*:* cpe:2.3:o:nissan-global:blind_spot_protection_sensor_ecu_firmware:-:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
References | () https://asrg.io/security-advisories/ - Not Applicable | |
Summary |
|
19 Aug 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-19 16:15
Updated : 2024-08-20 16:17
NVD link : CVE-2024-6348
Mitre link : CVE-2024-6348
CVE.ORG link : CVE-2024-6348
JSON object : View
Products Affected
nissan-global
- blind_spot_protection_sensor_ecu_firmware
- altima
CWE
CWE-330
Use of Insufficiently Random Values