Vulnerabilities (CVE)

Filtered by vendor Mercedes-benz Subscribe
Filtered by product A 220 4matic
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-23910 1 Mercedes-benz 8 A 220, A 220 4matic, E 350 and 5 more 2024-11-21 7.5 HIGH 5.3 MEDIUM
An issue was discovered in HERMES 2.1 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. There is an out-of-bounds array access in RemoteDiagnosisApp.
CVE-2021-23909 1 Mercedes-benz 8 A 220, A 220 4matic, E 350 and 5 more 2024-11-21 7.5 HIGH 6.3 MEDIUM
An issue was discovered in HERMES 2.1 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. The SH2 MCU allows remote code execution.
CVE-2021-23908 1 Mercedes-benz 8 A 220, A 220 4matic, E 350 and 5 more 2024-11-21 7.5 HIGH 2.9 LOW
An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. A type confusion issue affects MultiSvSetAttributes in the HiQnet Protocol, leading to remote code execution.
CVE-2021-23907 1 Mercedes-benz 8 A 220, A 220 4matic, E 350 and 5 more 2024-11-21 7.5 HIGH 2.9 LOW
An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. The count in MultiSvGet, GetAttributes, and MultiSvSet is not checked in the HiQnet Protocol, leading to remote code execution.
CVE-2021-23906 1 Mercedes-benz 8 A 220, A 220 4matic, E 350 and 5 more 2024-11-21 2.1 LOW 1.8 LOW
An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. A Message Length is not checked in the HiQnet Protocol, leading to remote code execution.