CVE-2023-34400
Published: 13 February 2025
Summary
CVE-2023-34400 is a high-severity NULL Pointer Dereference (CWE-476) vulnerability in Mercedes-Benz Headunit Ntg6 Mercedes-Benz User Experience. Its CVSS base score is 7.5 (High).
Operationally, ranked in the top 40.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-11 (Error Handling).
Deeper analysis
CVE-2023-34400 is a NULL pointer dereference vulnerability (CWE-476) affecting the Mercedes-Benz head-unit NTG6. The flaw resides in functions that handle importing or exporting profile settings over USB, where the service parses a header within the file and attempts to convert it to a null-terminated string. If a required character is missing during this process, the service returns a null pointer, leading to the vulnerability.
The vulnerability carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), indicating it is exploitable over the network with low attack complexity, requiring no privileges or user interaction. Any unauthenticated remote attacker able to provide a specially crafted file via the affected import functionality can trigger the null pointer dereference, resulting in a denial-of-service condition through application crash and high availability impact.
For details on mitigation, including any patches or workarounds, refer to the security research advisory at https://securelist.com/mercedes-benz-head-unit-security-research/115218/. The CVE was published on 2025-02-13.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-38478
Vulnerability details
Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. In case of parsing file, service try to define header inside the file and convert it to null-terminated string. If character is missed, will return null pointer.
- CWE(s)
Related Threats
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Requires validation of USB profile file inputs, including headers, to prevent null pointer dereference from malformed files during parsing.
Mandates proper error handling for parsing failures, such as missing null-termination characters, to avoid application crashes and denial-of-service.
Directly addresses remediation of the null pointer dereference flaw in the head-unit's USB profile import/export functions through patching and verification.