← Back

Mercedes Me

mercedes_me

Vendor: Mercedes Benz • 3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-47393
1Mercedes Benz
1Mercedes Me
Nov 21, 2024
Nov 22, 2023
N/A· v4
5.3 MEDIUM· v3
N/A· v2
An access control issue in Mercedes me IOS APP v1.34.0 and below allows attackers to view the maintenance orders of other users and access sensitive user information via unspecified vectors.
CVE-2023-47392
1Mercedes Benz
1Mercedes Me
Nov 21, 2024
Nov 22, 2023
N/A· v4
5.3 MEDIUM· v3
N/A· v2
An access control issue in Mercedes me IOS APP v1.34.0 and below allows attackers to view the carts of other users via sending a crafted add order request.
CVE-2018-18071
1Mercedes Benz
1Mercedes Me
Nov 21, 2024
Oct 9, 2018
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
An issue was discovered in the Daimler Mercedes-Benz Me app 2.11.0-846 for iOS. The encrypted Connected Vehicle API data exchange between the app and a server might be intercepted. The app can be used to operate the Remo...Show more
An issue was discovered in the Daimler Mercedes-Benz Me app 2.11.0-846 for iOS. The encrypted Connected Vehicle API data exchange between the app and a server might be intercepted. The app can be used to operate the Remote Parking Pilot, unlock the vehicle, or obtain sensitive information such as latitude, longitude, and direction of travel.Show less