{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-06T12:30:07.320","vulnerabilities":[{"cve":{"id":"CVE-2023-28907","sourceIdentifier":"cve@asrg.io","published":"2025-06-28T16:15:22.740","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"There is no memory isolation between CPU cores of the MIB3 infotainment. This fact allows an attacker with access to the main operating system to compromise the CPU core responsible for CAN message processing.\nThe vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources."},{"lang":"es","value":"No existe aislamiento de memoria entre los núcleos de la CPU del sistema de infoentretenimiento MIB3. Esto permite a un atacante con acceso al sistema operativo principal comprometer el núcleo de la CPU responsable del procesamiento de mensajes CAN. La vulnerabilidad se descubrió originalmente en el Skoda Superb III con unidad de infoentretenimiento MIB3 con número de pieza OEM 3V0035820. La lista de los números de pieza OEM MIB3 afectados se proporciona en los recursos referenciados."}],"metrics":{"cvssMetricV31":[{"source":"cve@asrg.io","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":5.9}]},"weaknesses":[{"source":"cve@asrg.io","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"references":[{"url":"https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2/","source":"cve@asrg.io"},{"url":"https://i.blackhat.com/EU-24/Presentations/EU-24-Parnishchev-OverTheAirVW.pdf","source":"cve@asrg.io"},{"url":"https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-vw-mib3-infotainment-2","source":"cve@asrg.io"},{"url":"https://i.blackhat.com/EU-24/Presentations/EU-24-Parnishchev-OverTheAirVW.pdf","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}}]}