CVE-2025-32057 - Misconfigured SSL/TLS communication of Redbend service for Infotainment ECU

CVE ID : CVE-2025-32057 Published : Jan. 22, 2026, 3:22 p.m. | 41 minutes ago Description : The Infotainment ECU manufactured by Bosch which is installed in Nissan Leaf ZE1 – 2020 uses a Redbend service for over-the-air provisioning and updates. HTTPS is used for communication with the back-end server. Due to usage of the default configuration for the underlying SSL engine, the server root certificate is not verified. As a result, an attacker may be able to impersonate a Redbend backend server using a self-signed certificate. First identified on Nissan Leaf ZE1 manufactured in 2020. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...