CVE-2024-46442
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Dec 10, 2024
Updated: Dec 11, 2024
CWE ID 307
Summary
CVE-2024-46442 is a vulnerability affecting the BYD Dilink Headunit System versions 3.0 to 4.0. This issue enables attackers to bypass the authentication mechanism through a brute force attack, potentially granting unauthorized access to the system. Successful exploitation could lead to theft or manipulation of user data, posing a significant risk to vehicle security and privacy. Users are recommended to apply the available patch or update to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share