Chinese security researchers have discovered more than a dozen vulnerabilities in the onboard compute units of BMW cars, some of which can be exploited remotely to compromise a vehicle.
The security flaws were discovered during a year-long security audit conducted by researchers from Keen Security Lab, a cybersecurity research unit of Chinese firm Tencent, between January 2017 and February 2018.
In March 2018, the team responsibly disclosed 14 different vulnerabilities directly to the BMW Group, which affect its vehicles since at least 2012.
These are the same group of researchers who previously found multiple vulnerabilities in various in-car modules used by Tesla that could have been exploited to achieve remote control of a target car.
Now that BMW has started rolling out patches for the vulnerabilities to car owners, the researchers have gone public with a 26-page technical report [PDF] describing their findings, though they avoided publishing some important technical details to prevent abuse.
The researchers said a full copy of their research is expected to appear sometime in early 2019, by which time the BMW Group will have fully mitigated the vulnerabilities.
The team of Chinese infosec researchers focused on three critical vehicular components in several BMW models: the Infotainment System (or Head Unit), the Telematics Control Unit (TCU or T-Box), and the Central Gateway Module.
Here's the list of flaws uncovered by the researchers:
- 8 flaws affect the internet-connected Infotainment System that plays music and media.
- 4 flaws affect the Telematics Control Unit (TCU) that provides telephony services, accident assistance services, and the ability to lock/unlock the car doors remotely.
- 2 flaws affect the Central Gateway Module, which has been designed to receive diagnostic messages from the TCU and the infotainment unit and then transfer them to other Electronic Control Units (ECUs) on different CAN buses.
Exploiting these vulnerabilities could allow attackers to send arbitrary diagnostic messages to the target vehicle's engine control unit (ECU), which controls electrical functions of the car, and to the CAN bus, which is the spinal cord of the vehicle.
This would eventually allow miscreants to take complete control over the operation of the affected vehicle to some extent.
Four flaws require physical USB access or access to the OBD (On-board diagnostics) port, which means attackers need to be inside your vehicle to exploit them by plugging a malware-laden gadget into the USB port.
Another four vulnerabilities require physical or "indirect" physical access to the car.
However, six vulnerabilities can be exploited remotely to compromise vehicle functions, including one conducted over a short range via Bluetooth or over long range via cellular networks, even when the vehicle is being driven.
The team confirmed that the vulnerabilities in the Head Unit would affect several BMW models, including BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series.
However, researchers said the vulnerabilities uncovered in the Telematics Control Unit (TCU) would affect "BMW models which equipped with this module produced from the year 2012."
BMW has confirmed the findings and already started rolling out over-the-air updates to fix some bugs in the TCU, but other flaws will need patches through the dealers, which is why the researchers have scheduled their full technical report for March 2019.
BMW also rewarded Keen Security Lab researchers by naming them the first winner of the BMW Group Digitalization and IT Research Award, describing their research as "by far the most comprehensive and complex testing ever conducted on BMW Group vehicles by a third party."