CVE-2024-36842
📋 TL;DR
This vulnerability allows remote attackers to execute arbitrary code on affected Oncord+ Android Infotainment Systems via the ADB (Android Debug Bridge) port. Attackers can gain full system control without authentication. This affects vehicles with the specific hardware and software versions listed.
💻 Affected Systems
- Oncord+ Android Infotainment Systems
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete compromise of infotainment system allowing attackers to control vehicle functions, access personal data, install malware, or potentially affect safety-critical systems if integrated.
Likely Case
Unauthorized access to infotainment system allowing data theft, surveillance, or installation of malicious apps that could affect vehicle operation.
If Mitigated
Limited impact if ADB access is disabled or network segmentation prevents remote access.
🎯 Exploit Status
Public GitHub repository demonstrates exploitation via ADB port. No authentication required for remote code execution.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Unknown
Vendor Advisory: Unknown
Restart Required: No
Instructions:
No official patch available. Contact Oncord for firmware updates or security guidance.
🔧 Temporary Workarounds
Disable ADB Access
androidDisable Android Debug Bridge (ADB) functionality to prevent remote exploitation
adb shell settings put global adb_enabled 0
adb shell setprop persist.adb.tcp.port -1
Network Segmentation
allIsolate infotainment system network from untrusted networks
🧯 If You Can't Patch
- Physically disconnect infotainment system from vehicle networks if possible
- Implement strict firewall rules blocking all inbound connections to ADB port (default 5555)
🔍 How to Verify
Check if Vulnerable:
Check if ADB is enabled and accessible: 'adb devices' from another device on same network, or scan port 5555Check Version:
Check Settings > About > Build Number for PlatformVER:K24-2023/05/09-v0.01Verify Fix Applied:
Verify ADB is disabled: 'adb shell getprop persist.adb.tcp.port' should return -1, and port 5555 should be closed📡 Detection & Monitoring
Log Indicators:
- ADB connection attempts in system logs
- Unauthorized shell commands executed
Network Indicators:
- TCP connections to port 5555 from external IPs
- ADB protocol traffic on vehicle network
SIEM Query:
source="vehicle_network" dest_port=5555 OR protocol="adb"