An audit reveals the presence of 14 security vulnerabilities in the on-board computer of BMW cars.
It's a Chinese team of cybersecurity researchers that reveals the presence of 14 vulnerabilities in BMW's on-board computers. As part of an ethical hacking, the audit was conducted by a subsidiary of giant Tencent, Keen Security Lab.
Like the generalized security problem revealed on the "Controller Area Network" system, the audit of Keen Security Lab is edifying: no less than 14 vulnerabilities have been discovered, 6 of which can be exploited remotely, including when the vehicle rolls ... The test was conducted on the recent models of BMW, released since 2012. Of course, the vulnerabilities identified were transmitted directly to BMW in early March, so that the German manufacturer can begin to correct them, before their disclosure. But the full report of Keen Security Lab will not be made public until 2019, because BMW will need time to correct some flaws, more complex. Here is in video the detail of the operation of ethical hacking led on BMW
Specifically, the 14 flaws of the onboard computer BMW are divided into 3 categories. 8 vulnerabilities relate to the Internet-connected entertainment system, 4 others relate to the TCU (Telematics Control Unit), used to offer telephony services, such as remote assistance, calls, and even door unlocking, while The last two highlight problems with the Central Gateway Module, which has the role of exchanging information between systems. The details of the results have been published on the website of Keen Security Lab.