Vulnerability Description
Renault Zoe EV 2021 automotive infotainment system versions 283C35202R to 283C35519R (builds 11.10.2021 to 16.01.2023) allows attackers to crash the infotainment system by sending arbitrary USB data via a USB device.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Renault | Zoe Ev 2021 Firmware | >= 11.10.2021, <= 16.01.2023 |
| Renault | Zoe Ev 2021 | - |
References
- https://blog.dhjeong.kr/posts/automotive/2023/12/how-to-fuzzing-realcars/
- https://blog.dhjeong.kr/posts/vuln/202307/renault-zoe/
- https://blog.jhyeon.dev/posts/vuln/202307/renault-zoe/ExploitThird Party Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2023-39075
- https://blog.dhjeong.kr/posts/automotive/2023/12/how-to-fuzzing-realcars/
- https://blog.dhjeong.kr/posts/vuln/202307/renault-zoe/
- https://blog.jhyeon.dev/posts/vuln/202307/renault-zoe/ExploitThird Party Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2023-39075
FAQ
What is CVE-2023-39075?
CVE-2023-39075 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Renault Zoe EV 2021 automotive infotainment system versions 283C35202R to 283C35519R (builds 11.10.2021 to 16.01.2023) allows attackers to crash the infotainment system by sending arbitrary USB data v...
How severe is CVE-2023-39075?
CVE-2023-39075 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-39075?
Check the references section above for vendor advisories and patch information. Affected products include: Renault Zoe Ev 2021 Firmware, Renault Zoe Ev 2021.