mercedes-benz CVE Vulnerabilities & Metrics

Focus on mercedes-benz vulnerabilities and metrics.

Last updated: 29 Jun 2025, 22:25 UTC

About mercedes-benz Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with mercedes-benz. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total mercedes-benz CVEs: 24
Earliest CVE date: 09 Oct 2018, 09:29 UTC
Latest CVE date: 13 Feb 2025, 23:15 UTC

Latest CVE reference: CVE-2024-37603

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 13

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 550.0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 550.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical mercedes-benz CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 1.96

Max CVSS: 7.5

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range Count
0.0-3.9 18
4.0-6.9 1
7.0-8.9 5
9.0-10.0 0

CVSS Distribution Chart

Top 5 Highest CVSS mercedes-benz CVEs

These are the five CVEs with the highest CVSS scores for mercedes-benz, sorted by severity first and recency.

All CVEs for mercedes-benz

CVE-2024-37603 mercedes-benz vulnerability CVSS: 0 13 Feb 2025, 23:15 UTC

An issue was discovered in Mercedes Benz NTG (New Telematics Generation) 6. A possible type confusion exists in the user data import/export function of NTG 6 head units. To perform this attack, local access to the USB interface of the car is needed. With prepared data, an attacker can cause the User-Data service to fail. The failed service instance will restart automatically.

CVE-2024-37602 mercedes-benz vulnerability CVSS: 0 13 Feb 2025, 23:15 UTC

An issue was discovered in Mercedes Benz NTG (New Telematics Generation) 6 through 2021. A possible NULL pointer dereference in the Apple Car Play function affects NTG 6 head units. To perform this attack, physical access to Ethernet pins of the head unit base board is needed. With a static IP address, an attacker can connect via the internal network to the AirTunes / AirPlay service. With prepared HTTP requests, an attacker can cause the Car Play service to fail.

CVE-2024-37601 mercedes-benz vulnerability CVSS: 0 13 Feb 2025, 23:15 UTC

An issue was discovered in Mercedes Benz NTG (New Telematics Generation) 6. A possible heap buffer overflow exists in the user data import/export function of NTG 6 head units. To perform this attack, local access to the USB interface of the car is needed. With prepared data, an attacker can cause the User-Data service to fail. The failed service instance will restart automatically.

CVE-2024-37600 mercedes-benz vulnerability CVSS: 0 13 Feb 2025, 23:15 UTC

An issue was discovered in Mercedes Benz NTG (New Telematics Generation) 6 through 2021. A possible stack buffer overflow in the Service Broker service affects NTG 6 head units. To perform this attack, physical access to Ethernet pins of the head unit base board is needed. With a static IP address, an attacker can connect via the internal network to the Service Broker service. With prepared HTTP requests, an attacker can cause the Service-Broker service to fail.

CVE-2023-34406 mercedes-benz vulnerability CVSS: 0 13 Feb 2025, 23:15 UTC

An issue was discovered on Mercedes Benz NTG 6. A possible integer overflow exists in the user data import/export function of NTG (New Telematics Generation) 6 head units. To perform this attack, local access to USB interface of the car is needed. With prepared data, an attacker can cause the User-Data service to fail. The failed service instance will restart automatically.

CVE-2023-34404 mercedes-benz vulnerability CVSS: 0 13 Feb 2025, 23:15 UTC

Mercedes-Benz head-unit NTG6 has Ethernet pins on Base Board to connect module CSB. Attacker can connect to these pins and get access to internal network. As a result, by accessing a specific port an attacker can send call request to all registered services in router and achieve command injection vulnerability.

CVE-2023-34403 mercedes-benz vulnerability CVSS: 0 13 Feb 2025, 23:15 UTC

Mercedes-Benz head-unit NTG6 has Ethernet pins on Base Board to connect module CSB. Attacker can connect to this pins and get access to internal network. A race condition can be acquired and attacker can spoof “UserData” with desirable file path and access it though backup on USB.

CVE-2023-34402 mercedes-benz vulnerability CVSS: 0 13 Feb 2025, 23:15 UTC

Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Inside file is encapsulate another file, which service will drop during processing. Due to missed checks, attacker can achieve Arbitrary File Write with service speech rights.

CVE-2023-34401 mercedes-benz vulnerability CVSS: 0 13 Feb 2025, 23:15 UTC

Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Inside profile folder there is a file, which is encoded with proprietary UD2 codec. Due to missed size checks in the enapsulate file, attacker can achieve Out-of-Bound Read in heap memory.

CVE-2023-34400 mercedes-benz vulnerability CVSS: 0 13 Feb 2025, 22:15 UTC

Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. In case of parsing file, service try to define header inside the file and convert it to null-terminated string. If character is missed, will return null pointer.

CVE-2023-34399 mercedes-benz vulnerability CVSS: 0 13 Feb 2025, 22:15 UTC

Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Some values of this table are serialized archive according boost library. The version of boost library contains vulnerability integer overflow.

CVE-2023-34398 mercedes-benz vulnerability CVSS: 0 13 Feb 2025, 22:15 UTC

Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Some values of this table are serialized archive according boost library. The boost library contains a vulnerability/null pointer dereference.

CVE-2023-34397 mercedes-benz vulnerability CVSS: 0 13 Feb 2025, 22:15 UTC

Mercedes Benz head-unit NTG 6 contains functions to import or export profile settings over USB. During parsing you can trigger that the service will be crashed.

CVE-2023-47393 mercedes-benz vulnerability CVSS: 0 22 Nov 2023, 07:15 UTC

An access control issue in Mercedes me IOS APP v1.34.0 and below allows attackers to view the maintenance orders of other users and access sensitive user information via unspecified vectors.

CVE-2023-47392 mercedes-benz vulnerability CVSS: 0 22 Nov 2023, 07:15 UTC

An access control issue in Mercedes me IOS APP v1.34.0 and below allows attackers to view the carts of other users via sending a crafted add order request.

CVE-2023-23590 mercedes-benz vulnerability CVSS: 0 15 Jan 2023, 05:15 UTC

Mercedes-Benz XENTRY Retail Data Storage 7.8.1 allows remote attackers to cause a denial of service (device restart) via an unauthenticated API request. The attacker must be on the same network as the device.

CVE-2021-23910 mercedes-benz vulnerability CVSS: 7.5 13 May 2021, 19:15 UTC

An issue was discovered in HERMES 2.1 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. There is an out-of-bounds array access in RemoteDiagnosisApp.

CVE-2021-23909 mercedes-benz vulnerability CVSS: 7.5 13 May 2021, 19:15 UTC

An issue was discovered in HERMES 2.1 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. The SH2 MCU allows remote code execution.

CVE-2021-23908 mercedes-benz vulnerability CVSS: 7.5 13 May 2021, 19:15 UTC

An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. A type confusion issue affects MultiSvSetAttributes in the HiQnet Protocol, leading to remote code execution.

CVE-2021-23907 mercedes-benz vulnerability CVSS: 7.5 13 May 2021, 19:15 UTC

An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. The count in MultiSvGet, GetAttributes, and MultiSvSet is not checked in the HiQnet Protocol, leading to remote code execution.

CVE-2021-23906 mercedes-benz vulnerability CVSS: 2.1 13 May 2021, 19:15 UTC

An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. A Message Length is not checked in the HiQnet Protocol, leading to remote code execution.

CVE-2020-16142 mercedes-benz vulnerability CVSS: 2.9 27 Aug 2020, 16:15 UTC

On Mercedes-Benz C Class AMG Premium Plus c220 BlueTec vehicles, the Bluetooth stack mishandles %x and %c format-string specifiers in a device name in the COMAND infotainment software.

CVE-2018-18071 mercedes-benz vulnerability CVSS: 5.0 09 Oct 2018, 09:29 UTC

An issue was discovered in the Daimler Mercedes-Benz Me app 2.11.0-846 for iOS. The encrypted Connected Vehicle API data exchange between the app and a server might be intercepted. The app can be used to operate the Remote Parking Pilot, unlock the vehicle, or obtain sensitive information such as latitude, longitude, and direction of travel.

CVE-2018-18070 mercedes-benz vulnerability CVSS: 7.1 09 Oct 2018, 09:29 UTC

An issue was discovered in Daimler Mercedes-Benz COMAND 17/13.0 50.12 on Mercedes-Benz C-Class 2018 vehicles. Defining or receiving a specific navigation route might cause the system to freeze and reboot after a few transmissions. When the system next starts, it tries to re-calculate the route, which will cause a boot loop. (Under certain circumstances, it is possible to quickly overwrite the malicious route to regain the stability of the system.)