Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2025-32063
PUBLISHED
More InfoOfficial Page
Assigner-ASRG
Assigner Org ID-c15abc07-96a9-4d11-a503-5d621bfe42ba
View Known Exploited Vulnerability (KEV) details
Published At-15 Feb, 2026 | 10:48
Updated At-15 Feb, 2026 | 10:48
Rejected At-
▼CVE Numbering Authority (CNA)
Enabling SSH server on Infotainment ECU

There is a misconfiguration vulnerability inside the Infotainment ECU manufactured by BOSCH. The vulnerability happens during the startup phase of a specific systemd service, and as a result, the following developer features will be activated: the disabled firewall and the launched SSH server. First identified on Nissan Leaf ZE1 manufactured in 2020.

Affected Products
Vendor
Robert Bosch GmbHBosch
Product
Infotainment system ECU
Platforms
  • Linux
Default Status
unaffected
Versions
Affected
  • 283C30861E
Problem Types
TypeCWE IDDescription
CWECWE-306CWE-306 Missing Authentication for Critical Function
Type: CWE
CWE ID: CWE-306
Description: CWE-306 Missing Authentication for Critical Function
Metrics
VersionBase scoreBase severityVector
3.16.8MEDIUM
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 6.8
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-578CAPEC-578 Disable Security Software
CAPEC ID: CAPEC-578
Description: CAPEC-578 Disable Security Software
Solutions
Configurations
Workarounds
Exploits
Credits
finder
Radu Motspan (PCA Cyber Security Assessment Team)
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.nissan.co.uk/vehicles/new-vehicles/leaf.html
product
http://i.blackhat.com/Asia-25/Asia-25-Evdokimov-Remote-Exploitation-of-Nissan-Leaf.pdf
media-coverage
https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-nissan-infotainment-manufactured-by-bosch
third-party-advisory
Hyperlink: https://www.nissan.co.uk/vehicles/new-vehicles/leaf.html
Resource:
product
Hyperlink: http://i.blackhat.com/Asia-25/Asia-25-Evdokimov-Remote-Exploitation-of-Nissan-Leaf.pdf
Resource:
media-coverage
Hyperlink: https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-nissan-infotainment-manufactured-by-bosch
Resource:
third-party-advisory
Details not found