BMW's in-car systems found to contain 14 flaws

By on
BMW's in-car systems found to contain 14 flaws
The team behind the research. (Credit: Tencent Keen Security Lab)

Can be remotely exploited under certain conditions.

Chinese security researchers have found 14 vulnerabilities in the on-board compute units of BMW vehicles, some of which can be remotely exploited to compromise vehicle functions.

Tencent Keen Security Lab disclosed the vulnerabilities in a paper overnight [pdf], but said it would not release a full copy of the research until next year, once BMW had fully mitigated against the flaws.

Keen Lab said that seven of the 14 flaw had been assigned CVE numbers, though these were presently undescribed in the CVE database.

The flaws are said to exist in three interconnected modules: the car’s “Infotainment System (a.k.a Head Unit), Telematics Control Unit and Central Gateway Module.”

“All the software vulnerabilities we found can be fixed by online reconfiguration and offline firmware update,” the researchers said.

“Currently, BMW is in progress working on the mitigation plans, and some high priority countermeasures are already in the rollout.”

Keen said the head unit vulnerabilities affected models including BMW’s i Series, X Series, 3 Series, 5 Series, and 7 Series vehicles.

In addition, flaws in the telematics unit impacted vehicles built since 2012.

The flaws were disclosed to BMW in late February following a year-long research effort by Keen Lab.

Countermeasures to combat the most serious flaws are already being deployed by the carmarker.

Exploiting some of these flaws would require “advanced expertise”, BMW noted in a letter included in Keen Lab’s report.

For example, an attacker would need to have control over an in-range mobile base station in order to remotely hack into a vehicle.

"Nine of the attack scenarios required a physical connection in the car or a location in the direct vicinity of the vehicle," BMW said in an extensive statement.

"Five attack scenarios were based on a remote connection using the mobile telephone network.

"Identifying, preparing and implementing attack scenarios via [a] mobile network requires comprehensive expertise."

Nevertheless, BMW indicated it has been deploying “measures ... since mid of April 2018 that are distributed via configuration updates remotely to the affected vehicles,” Keen Lab said.

“Additional security enhancements are developed by BMW in form of optional software updates. These will be available through the BMW dealer network.”

The same researchers have previously found zero-day exploits in various in-car modules used by Tesla.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
bmw keen lab security
In Partnership With

Most Read Articles

The CIO moves that made headlines in 2019

The CIO moves that made headlines in 2019
IBM appoints new Asia Pacific chief

IBM appoints new Asia Pacific chief
Google adds IBM Power to its cloud

Google adds IBM Power to its cloud
Defence, Tax Office fork out millions to keep Windows 7 secure for another year

Defence, Tax Office fork out millions to keep Windows 7 secure for another year
You must be a registered member of iTnews to post a comment.
| Register

Whitepapers from our sponsors

Are you getting profitable outcomes from your IT?
Are you getting profitable outcomes from your IT?
Your Microsoft Security journey starts here
Your Microsoft Security journey starts here
Is your AWS framework well-architected?
Is your AWS framework well-architected?
Why you should reassess your cybersecurity posture
Why you should reassess your cybersecurity posture
How will you manage the cloud data deluge?
How will you manage the cloud data deluge?

Events

Log In

Username / Email:
Password:
  |  Forgot your password?