CVE-2023-28911 – Skoda MIB3 Bluetooth Stack Channel Disconnection Denial-of-Service Vulnerability

June 28, 2025

CVE ID : CVE-2023-28911

Published : June 28, 2025, 4:15 p.m. | 3 hours, 3 minutes ago

Description : A specific flaw exists within the Bluetooth stack of the MIB3 infotainment. The issue results from the lack of proper validation of user-supplied data, which can result in an arbitrary channel disconnection. An attacker can leverage this vulnerability to cause a denial-of-service attack for every connected client of the infotainment device.
The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2023-28912 – Skoda MIB3 In-vehicle Contact Data Disclosure

Next Article CVE-2023-28909 – Skoda MIB3 Bluetooth Integer Overflow Remote Code Execution Vulnerability

How AI further empowers value stream management

12 Top ReactJS Development Companies in 2025

Not sure where to go with AI? Here’s your roadmap.

This week in AI dev tools: A2A donated to Linux Foundation, OpenAI adds Deep Research to API, and more (June 27, 2025)

Capcom’s finally giving Street Fighter 6 players the outfits they’ve wanted — when all else fails, send in swimsuits

After 14 years, Monster Hunter Wilds is bringing back underwater combat alongside “Lagiacrus” and another familiar monster — the impossible has happened

OpenAI may prematurely declare AGI to cut ties with Microsoft — despite Sam Altman admitting today’s tech isn’t built for it

Forget YouTube’s ad blocker war — this Google AI Overviews clone might finally sell me on the $14/month Premium subscription

Say hello to ECMAScript 2025

Say hello to ECMAScript 2025

Ecma International approves ECMAScript 2025: What’s new?

Building Together: PRFT Colleagues Volunteer with Atlanta Habitat for Humanity

Capcom’s finally giving Street Fighter 6 players the outfits they’ve wanted — when all else fails, send in swimsuits

Capcom’s finally giving Street Fighter 6 players the outfits they’ve wanted — when all else fails, send in swimsuits

After 14 years, Monster Hunter Wilds is bringing back underwater combat alongside “Lagiacrus” and another familiar monster — the impossible has happened

OpenAI may prematurely declare AGI to cut ties with Microsoft — despite Sam Altman admitting today’s tech isn’t built for it

CVE-2023-28911 – Skoda MIB3 Bluetooth Stack Channel Disconnection Denial-of-Service Vulnerability

CVE-2023-28902 – Skoda MIB3 Infotainment Unit Integer Underflow Denial-of-Service Vulnerability

CVE-2023-28906 – Skoda MIB3 Infotainment Command Injection Vulnerability

CVE-2025-29756 – SunGrow iSolarCloud MQTT Credentials Disclosure and Decryption Key Extraction Vulnerability

Orange Pi RV2 Single Board Computer Running Linux: Power Consumption

CVE-2025-32985 – NETSCOUT nGeniusONE Credential Hardcoding Vulnerability

35,000 Solar Power Systems Exposed To Internet Are Vulnerable To Cyberattacks

International Operation Targets Qakbot Hacker, $24M in Crypto Seized

Fast forward TMS

OpenAI’s Deep Research has more fact-finding stamina than you, but it’s still wrong half the time

Ivanti Workspace Control Vulnerabilities Let Attackers Decrypt Stored SQL Credentials

CVE-2023-28911 – Skoda MIB3 Bluetooth Stack Channel Disconnection Denial-of-Service Vulnerability

Related Posts