Vulnerabilities (CVE)

Filtered by vendor Gm Subscribe
Filtered by product Shanghai Onstar
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-12695 1 Gm 1 Shanghai Onstar 2024-02-04 4.0 MEDIUM 8.8 HIGH
An Improper Authentication issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow an attacker to subvert security mechanisms and reset a user account password.
CVE-2017-12697 1 Gm 1 Shanghai Onstar 2024-02-04 4.3 MEDIUM 5.9 MEDIUM
A Man-in-the-Middle issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow an attacker to intercept sensitive information when the client connects to the server.
CVE-2017-9663 1 Gm 1 Shanghai Onstar 2024-02-04 5.0 MEDIUM 7.5 HIGH
An Cleartext Storage of Sensitive Information issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow a remote attacker to access an encryption key that is stored in cleartext in memory.