This page aggregates publicly disclosed CVE and security risk information related to bmw, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2018-9322 | The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows local attacks involving the USB or OBD-II interface. An attacker can bypass the code-signing protection mechanism for firmware updates, and consequently obtain a root shell. | [email protected] | 7.8 | 0.08% | 2018-05-31 | 2024-11-21 |
| CVE-2018-9320 | The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows a local attack when a USB device is plugged in. | [email protected] | 7.8 | 0.08% | 2018-05-31 | 2024-11-21 |
| CVE-2018-9318 | The Telematics Control Unit (aka Telematic Communication Box or TCB), when present on BMW vehicles produced in 2012 through 2018, allows a remote attack via a cellular network. | [email protected] | 9.8 | 0.84% | 2018-05-31 | 2024-11-21 |
| CVE-2018-9314 | The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows an attack by an attacker who has direct physical access. | [email protected] | 6.8 | 0.10% | 2018-05-31 | 2024-11-21 |
| CVE-2018-9313 | The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows a remote attack via Bluetooth when in pairing mode, leading to a Head Unit reboot. | [email protected] | 5.3 | 0.31% | 2018-05-31 | 2024-11-21 |
| CVE-2018-9312 | The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows a local attack when a USB device is plugged in. | [email protected] | 7.8 | 0.15% | 2018-05-31 | 2024-11-21 |
| CVE-2018-9311 | The Telematics Control Unit (aka Telematic Communication Box or TCB), when present on BMW vehicles produced in 2012 through 2018, allows a remote attack via a cellular network. | [email protected] | 9.8 | 0.84% | 2018-05-31 | 2024-11-21 |