VYPR
Vendor

BYD

Products
4
CVEs
4
Across products
4
Status
Private

Products

4

Recent CVEs

4
  • CVE-2024-46442CriDec 10, 2024
    risk 0.64cvss 9.8epss 0.01

    An issue in the BYD Dilink Headunit System v3.0 to v4.0 allows attackers to bypass authentication via a bruteforce attack.

  • CVE-2025-28169HigApr 23, 2025
    risk 0.53cvss 8.1epss 0.00

    BYD QIN PLUS DM-i Dilink OS v3.0_13.1.7.2204050.1 to v3.0_13.1.7.2312290.1_0 was discovered to cend broadcasts to the manufacturer's cloud server unencrypted, allowing attackers to execute a man-in-the-middle attack.

  • CVE-2024-54728MedJan 27, 2025
    risk 0.42cvss 6.5epss 0.00

    Incorrect access control in BYD QIN PLUS DM-i Dilink OS 3.0_13.1.7.2204050.1 allows unauthorized attackers to access system logcat logs.

  • CVE-2025-7020MedAug 9, 2025
    risk 0.33cvss epss 0.00

    An incorrect encryption implementation vulnerability exists in the system log dump feature of BYD's DiLink 3.0 OS (e.g. in the model ATTO3). An attacker with physical access to the vehicle can bypass the encryption of log dumps on the In-Vehicle Infotainment (IVI) unit's…