Security News BMW Fixes Security Flaws in Several Well-Known Car Models (local and remote hacks)

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
BMW is working on firmware updates for some of its cars after researchers from the Tencent Keen Security Lab have discovered 14 flaws affecting high-profile car models such as BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series.


The security flaws have been discovered during a year-long experiment carried out by the Chinese security firm between January 2017 and February 2018.


Keen Lab researchers notified BMW of the 14 flaws they found in March 2018. After BMW started rolling out mitigations, the Chinese researchers published today a summary of the 14 vulnerabilities in a 26-page technical report.

Flaws affect cars going back as far as 2012

The flaws affect BMW cars going back as far as 2012, Keen Lab researchers said, basing their assertion on the vulnerable components they exploited and their first sighting in BMW cars.


The point of entry for these hacks were the cars' infotainment and telematics systems. Researchers said they were able to combine the 14 flaws to escalate their access to the car's inner CAN bus —the component that interconnects all other car components and functions.


Researchers said they hacked BMW cars in scenarios that provided local access to the car (via a USB stick) or via remote hacks (using a software-defined radio).
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top