BMW Telematics security vulnerabilities discovered

dparm · 05-25-2018, 10:41 AM

https://nakedsecurity.sophos.com/201...ecurity-patch/

The vulnerabilities are in in the Telematics Control Unit (TCB), the Central Gateway Module, and Head Unit, across a range of interfaces including via GSM, BMW Remote Service, BMW ConnectedDrive, Remote Diagnosis, NGTP, Bluetooth, and the USB/OBD-II interfaces.

Some require local access (e.g. via USB) to exploit but six including the Bluetooth flaw were accessible remotely, making them the most serious.

It sounds like this may impact some later E9x M3s -- so check the BMW site for software updates in the coming weeks.

drwankel · 05-28-2018, 01:24 PM

This is disturbing. I wish there was more concrete info about exactly what is affected.

Bartledoo · 05-28-2018, 11:13 PM

So stripper models are safe?

should help stripper resale value...

05-25-2018, 10:41 AM	#1
dparm Stop the hate, get a V8 3850 Rep 8,625 Posts Drives: C7 Corvette GS, AMG C63 S Join Date: Jun 2013 Location: Frisco, TX iTrader: (1)	BMW Telematics security vulnerabilities discovered https://nakedsecurity.sophos.com/201...ecurity-patch/ The vulnerabilities are in in the Telematics Control Unit (TCB), the Central Gateway Module, and Head Unit, across a range of interfaces including via GSM, BMW Remote Service, BMW ConnectedDrive, Remote Diagnosis, NGTP, Bluetooth, and the USB/OBD-II interfaces. Some require local access (e.g. via USB) to exploit but six including the Bluetooth flaw were accessible remotely, making them the most serious. It sounds like this may impact some later E9x M3s -- so check the BMW site for software updates in the coming weeks. __________________ Now: 2017 Corvette Grand Sport, 2021 AMG C63 S sedan Past: 2011.5 M3 sedan ZCP
	Appreciate 1 m3jala543.50 Tweet Quote

05-28-2018, 01:24 PM	#2
drwankel Major 1038 Rep 1,046 Posts Drives: 2012 E92 M3 ZCP, 2021 M340i Join Date: Feb 2016 Location: Bothell, WA iTrader: (0)	This is disturbing. I wish there was more concrete info about exactly what is affected.
	Appreciate 0 Quote

05-28-2018, 11:13 PM	#3
Bartledoo Driver 2692 Rep 2,714 Posts Drives: 2011 E90 M3 6MT Join Date: Aug 2015 Location: Seattle, WA iTrader: (0) Garage List 2023 Corvette Stingray [0.00] 2002 Porsche Boxster [0.00] 2011 E90 M3 [0.00] 2021 Tesla Model Y [0.00]	So stripper models are safe? should help stripper resale value...
	Appreciate 0 Quote