Security Advisory

CVE-2023-28901

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-01-18 16:27:43

Last updated 2025-06-17 21:19:20

Assigner ASRG

State PUBLISHED

Description

The Skoda Automotive cloud contains a Broken Access Control vulnerability, allowing remote attackers to obtain recent trip data, vehicle mileage, fuel consumption, average and maximum speed, and other information of Skoda Connect service users by specifying an arbitrary vehicle VIN number.

← Browse all CVEs View on cve.org ↗