Critical Flaws Found In BMW Cars
Security researchers at Tencent's Keen Security Lab have revealed a number of critical vulnerabilities in the onboard computer systems of BMW vehicles.
Over 13 months of research, Keen Lab's security researchers conducted several tests on the major components of BMW cars and discovered more than a dozen critical flaws that could be used to compromise cars remotely.
Their tests focused on the main components of BMW systems, such as the head unit and the T-Box.
These flaws could have a severe impact on different BMW models, including the BMW i Series, 3 Series, 5 Series, 7 Series and X1 sDrive.
The technical report published by Tencent's Keen Lab covers 9 critical vulnerabilities.
According to the report, some of these flaws can be exploited physically through USB, Ethernet and Bluetooth connections.
This means attackers need physical access to the car to exploit those flaws.
[Picture: memory corruption]
USB and OBD-II based flaw
These USB and OBD interface vulnerabilities can allow attackers to install a backdoor in the NBT system and then manipulate the car's systems through the Central Gateway Module.
Bluetooth Connection Based Flaw
[Picture: structure of the Bluetooth-based flaw]
The Bluetooth-based flaw allows attackers to gain control over the car's head unit during the Bluetooth pairing process.
However, as Bluetooth is a short-range communication protocol, the flaw can only be exploited when the attacker is very near the vehicle.
Cellular Network Based Flaw
As the cellular network is a wide-range protocol, attackers can exploit this flaw even from long distances. They can perform a man-in-the-middle attack, intercepting the traffic to inject remote code execution (RCE) code into the NBT and TCB systems and exploit them remotely.
BMW awarded Keen Lab's security researchers, describing their work as "By far the most comprehensive and complex test ever conducted on BMW group vehicles by a third-party".