Hackers Found More Than a Dozen Vulnerabilities In BMW Cars



Critical Flaws Found In BMW Cars


Security_researchers_at _Keen's _lab

Security researchers at Tencent's Keen Security Lab has revealed a number of critical vulnerabilities in the onboard compute systems of  BMW vehicles.

In the span of 13 months of research, Keen's lab security researchers conducted several tests on major component models of BMW cars and discovered more than a dozen critical flaws which could compromise cars remotely.

Their tests focused on main components of BMW systems such as Head-unit and T-Box.

These flaws could cause severe impact on different BMW models including BMW i Series, 3 Series, 5 Series, 7 Series and X1 sDrives.

Technical report given by the Tencent's keen lab covered 9 critical vulnerabilities.

According to their report some of these flaws can be exploited physically through USB,Ethernet and bluetooth connections.
Which means attackers need physical access to the cars to exploit the flaws.
Memory corruption in Bluetooth service
Picture showing memory corruption



USB and OBD-II based flaw



USB and OBD-ll interface flaw


These USB and ODB interface based vulnerabilities can allow attackers to install backdoor in the NBT system and let the hackers to manupulate cars system through Central Gateway Module.


Bluetooth Connection Based Flaw



Bluetooth based flaw structure
Bluetooth based flaw structure

Bluetooth based flaw allow attackers to gain control over cars head unit system while in the process of Bluetooth pairing.

However,As bluetooth is a Short-range communication protocol, it only allows to exploit when attacker is very nearer to the vehicle.


Cellular Network Based Flaw


Cellular network based flaw

As cellular network is a wide-range protocol, Attackers can exploit this flaw even from long distances. They can perform Man In The Middle Attack by intercepting the traffic to inject RCE code into NBT and TCB systems to exploit remotely.

BMW awarded Keen's lab security researchers by quoting ""By far the most comprehensive and complex test ever conducted on BMW group vehicles by a third-party""


Also read

Post a Comment

0 Comments