汇总 audi 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。
已披露问题常与 缓冲区溢出与跨站脚本 相关,可能在 软件部署与生产负载 场景中带来 应用崩溃与内存损坏 等暴露风险。
相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2025-45587 | A stack overflow in the FTP service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to cause a Denial of Service (DoS) via a crafted input. | [email protected] | 7.0 | 0.05% | 2025-09-12 | 2025-10-16 |
| CVE-2025-45586 | An issue in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to arbitrarily overwrite files via supplying a crafted PUT request. | [email protected] | 7.5 | 0.05% | 2025-09-12 | 2025-10-16 |
| CVE-2025-45585 | Multiple stored cross-site scripting (XSS) vulnerabilities in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the wifi_sta_ssid or wifi_ap_ssid parameters. | [email protected] | 5.4 | 0.02% | 2025-09-12 | 2025-10-16 |
| CVE-2025-45584 | Incorrect access control in the web service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to download car information without authentication. | [email protected] | 7.5 | 0.07% | 2025-09-12 | 2025-10-16 |
| CVE-2025-45583 | Incorrect access control in the FTP protocol of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to authenticate into the service using any combination of username and password. | [email protected] | 9.1 | 0.05% | 2025-09-12 | 2025-10-16 |
| CVE-2020-27524 | On Audi A7 MMI 2014 vehicles, the Bluetooth stack in Audi A7 MMI Multiplayer with version (N+R_CN_AU_P0395) mishandles %x and %s format string specifiers in a device name. This may lead to memory content leaks and potentially crash the services. | [email protected] | 7.1 | 0.15% | 2020-11-11 | 2024-11-21 |