How severe is CVE-2024-37602?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.6 out of 10.

What type of vulnerability is CVE-2024-37602?

This is classified as CWE-476, which is a common weakness in software security.

CVE-2024-37602 - MEDIUM Severity | CVSS 4.6

Vulnerability Description

An issue was discovered in Mercedes Benz NTG (New Telematics Generation) 6 through 2021. A possible NULL pointer dereference in the Apple Car Play function affects NTG 6 head units. To perform this attack, physical access to Ethernet pins of the head unit base board is needed. With a static IP address, an attacker can connect via the internal network to the AirTunes / AirPlay service. With prepared HTTP requests, an attacker can cause the Car Play service to fail.

Related Vulnerabilities

CVE-2015-7515

MEDIUM

CVSS:4.6(Medium)

The aiptek_probe function in drivers/input/tablet/aiptek.c in the Linux kernel before 4.4 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash)...

CWE-4762015

CVE-2016-2782

MEDIUM

CVSS:4.6(Medium)

The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or ...

CWE-4762016

CVE-2017-5625

MEDIUM

CVSS:4.6(Medium)

In OxygenOS before 4.0.3 on OnePlus 3 and 3T devices, an unauthorized attacker can cause a locked bootloader to partially dump the ciphertext content of an arbitrary partition (except 'keystore') by i...

CWE-4762017

CVE-2019-15098

MEDIUM

CVSS:4.6(Medium)

drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.

CWE-4762019

CVE-2019-15216

MEDIUM

CVSS:4.6(Medium)

An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.

CWE-4762019

CVE-2019-15217

MEDIUM

CVSS:4.6(Medium)

An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.

CWE-4762019