How severe is CVE-2024-8357?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2024-8357?

This is classified as CWE-1326, which is a common weakness in software security.

CVE-2024-8357

HIGH Year: 2024

CVSS v3 Score

7.8

High

Weakness Type

CWE-1326

View all →

Vulnerability Description

Visteon Infotainment App SoC Missing Immutable Root of Trust in Hardware Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Visteon Infotainment systems. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the configuration of the application system-on-chip (SoC). The issue results from the lack of properly configured hardware root of trust. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the boot process. Was ZDI-CAN-23759.

CVE-2025-2762

HIGH

CVSS:7.8(High)

CarlinKit CPC200-CCPA Missing Root of Trust Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of CarlinKit CPC200-CCP...

CWE-13262025

CVE-2024-32742

HIGH

CVSS:7.6(High)

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device contains an unrestricted USB port. An attacker with local access to the device could potentially misus...

CWE-13262024

CVE-2022-38773

MEDIUM

CVSS:6.8(Medium)

Affected devices do not contain an Immutable Root of Trust in Hardware. With this the integrity of the code executed on the device can not be validated during load-time. An attacker with physical acce...

CWE-13262022