Mercedes-Benz MBUX Head Unit Vulnerabilities Identified
/ 1 min read
🚗🔍 Mercedes-Benz MBUX Head Unit Vulnerabilities Exposed in Security Research. A detailed analysis of the Mercedes-Benz User Experience (MBUX) infotainment system has uncovered multiple security vulnerabilities, including buffer overflows and command injection risks. The research, conducted by a team including Radu Motspan and Kirill Nesterov, utilized diagnostic tools and custom scripts to probe the system’s architecture and communication protocols. Key vulnerabilities identified include CVE-2024-37600, which allows for stack buffer overflow, and CVE-2023-34402, enabling arbitrary file writing. The findings highlight significant security flaws that could be exploited through physical access, particularly via USB connections, raising concerns about the safety of connected vehicles. The vulnerabilities have been disclosed to Mercedes-Benz, with several CVE IDs assigned for tracking.
