CVE-2023-28900

The Skoda Automotive cloud contains a Broken Access Control vulnerability, allowing to obtain nicknames and other user identifiers of Skoda Connect service users by specifying an arbitrary vehicle VIN number. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt