CVE-2023-28912 – Skoda MIB3 In-vehicle Contact Data Disclosure

June 28, 2025

CVE ID : CVE-2023-28912

Published : June 28, 2025, 4:15 p.m. | 3 hours, 3 minutes ago

Description : The MIB3 unit stores the synchronized phone contact book in clear-text, allowing an attacker with either code execution privilege on the system or physical access to the system to obtain vehicle owner’s contact data.
The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources.

Severity: 5.7 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2023-29113 – Volkswagen Skoda MIB3 Privilege Escalation Vulnerability

Next Article CVE-2023-28911 – Skoda MIB3 Bluetooth Stack Channel Disconnection Denial-of-Service Vulnerability

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2023-28912 – Skoda MIB3 In-vehicle Contact Data Disclosure

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

CVE-2025-54134 – HAX CMS NodeJs allows users to manage their micros

Africa Faces a Digital Sextortion Crisis as Numbers Surge Across the Continent

This new Gmail tool lets you declutter your inbox in seconds – here’s how to use it

Valve reveals new SteamOS Compatibility system for Non-Steam Decks like Legion Go S SteamOS — 18,000+ titles expected “out of the gate”

CVE-2025-44176 – Tenda FH451 Unauthenticated Remote Code Execution Vulnerability

CVE-2025-49029 – Bitto Kazi Custom Login And Signup Widget Code Injection Vulnerability

A Coding Implementation for Advanced Multi-Head Latent Attention and Fine-Grained Expert Segmentation

CVE-2025-32915 – Checkmk Incorrect Package Permissions Vulnerability

CVE-2023-28912 – Skoda MIB3 In-vehicle Contact Data Disclosure

Related Posts