BMW's in-car systems found to contain 14 flaws

By on
BMW's in-car systems found to contain 14 flaws
The team behind the research. (Credit: Tencent Keen Security Lab)

Can be remotely exploited under certain conditions.

Chinese security researchers have found 14 vulnerabilities in the on-board compute units of BMW vehicles, some of which can be remotely exploited to compromise vehicle functions.

Tencent Keen Security Lab disclosed the vulnerabilities in a paper overnight [pdf], but said it would not release a full copy of the research until next year, once BMW had fully mitigated against the flaws.

Keen Lab said that seven of the 14 flaw had been assigned CVE numbers, though these were presently undescribed in the CVE database.

The flaws are said to exist in three interconnected modules: the car’s “Infotainment System (a.k.a Head Unit), Telematics Control Unit and Central Gateway Module.”

“All the software vulnerabilities we found can be fixed by online reconfiguration and offline firmware update,” the researchers said.

“Currently, BMW is in progress working on the mitigation plans, and some high priority countermeasures are already in the rollout.”

Keen said the head unit vulnerabilities affected models including BMW’s i Series, X Series, 3 Series, 5 Series, and 7 Series vehicles.

In addition, flaws in the telematics unit impacted vehicles built since 2012.

The flaws were disclosed to BMW in late February following a year-long research effort by Keen Lab.

Countermeasures to combat the most serious flaws are already being deployed by the carmarker.

Exploiting some of these flaws would require “advanced expertise”, BMW noted in a letter included in Keen Lab’s report.

For example, an attacker would need to have control over an in-range mobile base station in order to remotely hack into a vehicle.

"Nine of the attack scenarios required a physical connection in the car or a location in the direct vicinity of the vehicle," BMW said in an extensive statement.

"Five attack scenarios were based on a remote connection using the mobile telephone network.

"Identifying, preparing and implementing attack scenarios via [a] mobile network requires comprehensive expertise."

Nevertheless, BMW indicated it has been deploying “measures ... since mid of April 2018 that are distributed via configuration updates remotely to the affected vehicles,” Keen Lab said.

“Additional security enhancements are developed by BMW in form of optional software updates. These will be available through the BMW dealer network.”

The same researchers have previously found zero-day exploits in various in-car modules used by Tesla.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
bmw keen lab security
In Partnership With

Most Read Articles

Massive CBA outage traced to failed infrastructure upgrade

Massive CBA outage traced to failed infrastructure upgrade
IBM revenue misses on weakness in its biggest unit

IBM revenue misses on weakness in its biggest unit
Netflix model for NSW transport nears with new Opal digital account

Netflix model for NSW transport nears with new Opal digital account
NBN Co redirects $200m wireless capex into HFC, FTTC

NBN Co redirects $200m wireless capex into HFC, FTTC
You must be a registered member of iTnews to post a comment.
| Register

Whitepapers from our sponsors

Your Microsoft Security journey starts here
Your Microsoft Security journey starts here
Is your AWS framework well-architected?
Is your AWS framework well-architected?
Why you should reassess your cybersecurity posture
Why you should reassess your cybersecurity posture
How will you manage the cloud data deluge?
How will you manage the cloud data deluge?
Follow these steps to prevent targeted attacks
Follow these steps to prevent targeted attacks

Events

Log In

Username / Email:
Password:
  |  Forgot your password?