CVE-2023-34398
Published: 13 February 2025
Summary
CVE-2023-34398 is a high-severity NULL Pointer Dereference (CWE-476) vulnerability in Mercedes-Benz Headunit Ntg6 Mercedes-Benz User Experience. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004); ranked at the 49.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2023-34398 is a null pointer dereference vulnerability (CWE-476) in the Boost library's serialization functionality, affecting the Mercedes-Benz NTG6 head-unit. The issue arises in functions that import or export profile settings over USB, where certain table values are processed as serialized archives according to the Boost library, leading to the dereference during deserialization.
The vulnerability carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), indicating it can be exploited remotely over a network by unauthenticated attackers with low complexity and no user interaction. Exploitation triggers a crash in the affected component, resulting in denial-of-service with high availability impact but no confidentiality or integrity effects.
Mitigation details are outlined in the Kaspersky advisory at https://securelist.com/mercedes-benz-head-unit-security-research/115218/.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-38476
Vulnerability details
Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Some values of this table are serialized archive according boost library. The boost library contains a vulnerability/null pointer dereference.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Null pointer dereference during Boost deserialization of USB profile settings directly enables remote exploitation to crash the head-unit component, matching Application or System Exploitation for DoS.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Requires identification, testing, and installation of patches to remediate the specific null pointer dereference vulnerability in the Boost library's serialization during USB profile import.
Validates imported profile settings as serialized archives over USB to prevent malformed data from triggering the deserialization null pointer dereference and crash.
Ensures secure error handling during Boost deserialization to avoid denial-of-service crashes from null pointer dereferences without compromising availability.