CVE-2024-37601
📋 TL;DR
A heap buffer overflow vulnerability exists in the user data import/export function of Mercedes Benz NTG 6 head units. An attacker with physical access to the vehicle's USB interface can crash the User-Data service by supplying crafted data from a USB device, causing a temporary denial of service. This affects Mercedes vehicles equipped with NTG 6 infotainment systems.
💻 Affected Systems
- Mercedes Benz NTG 6 Head Unit
⚠️ Risk & Real-World Impact
Worst Case
Potential for arbitrary code execution leading to complete compromise of the head unit system, which could affect vehicle telematics, entertainment, and potentially safety-critical systems if further vulnerabilities are chained.
Likely Case
Denial of service causing the User-Data service to crash and restart, temporarily disrupting infotainment functions until service recovery.
If Mitigated
Minimal impact with only brief service interruption during automatic restart, no persistent system damage.
🎯 Exploit Status
Exploitation requires physical access to the vehicle's USB port but no authentication. The attack consists of preparing malicious data on a USB device and connecting it to the head unit.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Specific version unknown - check with Mercedes dealer
Vendor Advisory: Not publicly available - contact Mercedes Benz security team
Restart Required: Yes
Instructions:
1. Contact an authorized Mercedes Benz dealer.
2. Schedule a system update.
3. The dealer applies the firmware patch via the diagnostic interface.
4. Verify update completion through the system information menu.
🔧 Temporary Workarounds
Disable USB data import/export
Disable the vulnerable user data import/export function through system settings
Navigate to Settings > System > User Data > Disable Import/Export
Physical USB port protection
Physically secure or disable USB ports to prevent unauthorized access
Use USB port locks or covers
Disable USB ports through system settings if available
🧯 If You Can't Patch
- Restrict physical access to vehicle interior
- Disable USB data import/export function in system settings
🔍 How to Verify
Check if Vulnerable:
Check the system information menu for the NTG 6 software version and contact a Mercedes dealer for the vulnerability status of that version
Check Version:
Navigate to Settings > System > System Information > Software Version
Verify Fix Applied:
After the dealer update, verify that the displayed firmware version matches the patched version provided by Mercedes
📡 Detection & Monitoring
Log Indicators:
- User-Data service crash and restart events
- USB import/export failure logs
- System service abnormal termination
Network Indicators:
- No network indicators - local USB attack only
SIEM Query:
Not applicable - physical access attack with no network traffic