“Pwn My Ride” vulnerability: BMW delivers patch for specific vehicles

BMW fixes serious AirPlay security vulnerability for Operating System 8.5 and 9. For others, it relies on Bluetooth PINs and considers its system well-isolated.

BMW i7 assembly at the Dingolfing plant

A BMW i7 under assembly.

(Image: BMW)


BMW has commented on missing patches for a problematic security vulnerability in AirPlay and CarPlay. According to the company's statements to Mac & i, certain vehicles have “since received a patch via over-the-air update or ex-factory.” However, there's a catch: it only applies to cars that have or can be updated to Operating System 8.5 or Operating System 9.

In the spring, it became known that there were flaws in AirPlay (and thus also in CarPlay) that allowed the takeover of consumer electronics, including car entertainment systems. The vulnerability named “Pwn My Ride” is still open in a number of vehicles. A customer service representative informed an owner of an i3s that no patch would be made available for this vehicle. This was justified by an “extremely low” security risk – because attackers would first have to pair their device with the car via Bluetooth.


BMW still holds a similar stance. “Exploiting the security vulnerability requires an attacker with a malicious device to actively initiate pairing with the vehicle's head unit via Bluetooth. However, this pairing process requires both direct initiation from the vehicle's pairing menu and PIN-based validation.” This multi-stage process ensures “that unintentional or unauthorized pairing is practically impossible.” BMW further emphasized that it has been using “various security concepts for several years,” “including process isolation” and “limiting permissions to the bare minimum.” Therefore, by exploiting the security vulnerability, an attacker “does not gain root privileges on the control unit.” What an attacker can still do, however, remains unclear. “Given these strict prerequisites and the highly limited possible actions for an attacker, the security risk for our customers is assessed as extremely low.”

The group's “Automotive Cyber Security Unit” takes “every potential threat extremely seriously” – including this one. “Immediately after the security vulnerability became known, our experts thoroughly investigated it.” This led to the decision to provide patches for operating systems 8.5 and 9.

These include mid-range and upper-mid-range models in the 3 Series, 4 Series, 5 Series, 7 Series, X5, X6, X7, iX, XM variants (Operating System 8.5), as well as compact class models in the 1 Series, 2 Series, 2 Series Active Tourer, X1, X2, X3 variants (Operating System 9). The rollout of these systems began in the summer of 2023.


(bsc)


This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.