Vulnerability Details : CVE-2023-39075
Potential exploit
Renault Zoe EV 2021 automotive infotainment system versions 283C35202R to 283C35519R (builds 11.10.2021 to 16.01.2023) allows attackers to crash the infotainment system by sending arbitrary USB data via a USB device.
Products affected by CVE-2023-39075
- Renault » Zoe Ev 2021 FirmwareVersions from including (>=) 11.10.2021 and up to, including, (<=) 16.01.2023cpe:2.3:o:renault:zoe_ev_2021_firmware:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-39075
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 25 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-39075
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.6
|
MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
0.9
|
3.6
|
NIST |
References for CVE-2023-39075
-
https://nvd.nist.gov/vuln/detail/CVE-2023-39075
NVD - CVE-2023-39075
-
https://blog.jhyeon.dev/posts/vuln/202307/renault-zoe/
Renault ZOE Automotive Infotainment VulnerabilityExploit;Third Party Advisory
-
https://blog.dhjeong.kr/posts/vuln/202307/renault-zoe/
Renault ZOE Automotive Infotainment Vulnerability
-
https://blog.dhjeong.kr/posts/automotive/2023/12/how-to-fuzzing-realcars/
How to fuzzing USB stack in real cars
Jump to