### [CVE-2024-37601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37601)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brightgreen)

### Description

An issue was discovered in Mercedes Benz NTG (New Telematics Generation) 6. A possible heap buffer overflow exists in the user data import/export function of NTG 6 head units. To perform this attack, local access to the USB interface of the car is needed. With prepared data, an attacker can cause the User-Data service to fail. The failed service instance will restart automatically.

### POC

#### Reference
- https://securelist.com/mercedes-benz-head-unit-security-research/115218/

#### Github
No PoCs found on GitHub currently.