Medium severity6.8NVD Advisory· Published Nov 16, 2020· Updated Jun 17, 2026
CVE-2020-28656
CVE-2020-28656
Description
The update functionality of the Discover Media infotainment system in Volkswagen Polo 2019 vehicles allows physically proximate attackers to execute arbitrary code because some unsigned parts of a metainfo file are parsed, which can cause attacker-controlled files to be written to the infotainment system and executed as root.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Volkswagen/Discover Media infotainment systemdescription
Patches
Vulnerability mechanics
References
1- www.contextis.com/en/blog/a-code-signing-bypass-for-the-vw-polonvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.