The Skoda Automotive cloud contains a Broken Access Control vulnerability, allowing to obtain nicknames and other user identifiers of Skoda Connect service users by specifying an arbitrary vehicle VIN number.CreditsAnna Breeva (PCAutomotive)Referenceshttps://asrg.io/security-advisories/cve-2023-28900