Vulnerabilities (CVE)

Filtered by vendor Vgate Subscribe
Filtered by product Icar 2 Wi-fi Obd2 Firmware
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-11478 1 Vgate 2 Icar 2 Wi-fi Obd2, Icar 2 Wi-fi Obd2 Firmware 2024-11-21 5.8 MEDIUM 8.8 HIGH
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The OBD port is used to receive measurement data and debug information from the car. This on-board diagnostics feature can also be used to send commands to the car (different for every vendor / car product line / car). No authentication is needed, which allows attacks from the local Wi-Fi network.
CVE-2018-11477 1 Vgate 2 Icar 2 Wi-fi Obd2, Icar 2 Wi-fi Obd2 Firmware 2024-11-21 3.3 LOW 6.5 MEDIUM
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The data packets that are sent between the iOS or Android application and the OBD dongle are not encrypted. The combination of this vulnerability with the lack of wireless network protection exposes all transferred car data to the public.
CVE-2018-11476 1 Vgate 2 Icar 2 Wi-fi Obd2, Icar 2 Wi-fi Obd2 Firmware 2024-11-21 5.8 MEDIUM 8.8 HIGH
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The dongle opens an unprotected wireless LAN that cannot be configured with encryption or a password. This enables anyone within the range of the WLAN to connect to the network without authentication.