Vulnerabilities

CVE-2018-9322

by Fred · 31/05/2018

The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows local attacks involving the USB or OBD-II interface. An attacker can bypass the code-signing protection mechanism for firmware updates, and consequently obtain a root shell.

Date published : 2018-05-31

http://www.securityfocus.com/bid/104258

https://keenlab.tencent.com/en/Experimental_Security_Assessment_of_BMW_Cars_by_KeenLab.pdf

Similar

Tags: Cybersecurity Alert