RSS   Vulnerabilities for 'Shanghai onstar'   RSS

2018-01-09
 
CVE-2017-9663

CWE-312
 

 
An Cleartext Storage of Sensitive Information issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow a remote attacker to access an encryption key that is stored in cleartext in memory.

 
 
CVE-2017-12697

CWE-200
 

 
A Man-in-the-Middle issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow an attacker to intercept sensitive information when the client connects to the server.

 
 
CVE-2017-12695

CWE-287
 

 
An Improper Authentication issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow an attacker to subvert security mechanisms and reset a user account password.

 


Copyright 2024, cxsecurity.com

 

Back to Top