BMW Fixes Security Flaws in Several Well-Known Car Models



BMW Fixes Security Flaws in Several Well-Known Car Models

Ever wondered how safe is your BMW? Though, most owners think it isn’t their responsibility because they expect that the manufacturers should have done the needful.

However, there is a-not-so-good news about the network and computer security of the BMW because security vulnerabilities have been discovered in BMW car models by Chinese security researchers. A total of 14 vulnerabilities were reported by Keen Security lab, which affects main remote attack vectors such as:

  • The central gateway module
  • The Telematic Control Unit (TCU) and
  • Infotainment system 

Nevertheless, these defects were found on BMW’s i Series, 7 series model, X1 sDrive and 5 series.

BMW was notified of the flaws after the completion of the experiment, which led to mitigations by BMW and then resulted in the security firm publishing a 26-page technical report. The German auto-giant decided to employ the use of its over-the-air component to issue security patches in the form of configuration updates. BMW was committed to providing offline firmware patches whenever the affected models are brought to authorized service centers. The researchers, Tencent Keen Security Lab researchers became awarded with the BMW Group Digitization and IT research Award for the work they did.

Have the carmakers (BMW) fixed all the vulnerabilities?

Four of the vulnerabilities discovered can be exploited by a hacker by gaining entry into the car using a USB. The other six can be exploited indirectly using a remote control. The remote control point of access was reported in 2015, where a 14-year-old by-passed the firmware protection and broke the secure isolation of several system mechanisms. The remaining four vulnerabilities require a physical presence in order to access the vehicle’s computer. 

However, apart from the remote control, if a hacker can’t gain physical access into your car, this vulnerability can’t be exploited. QuickPro Locksmith can install whatever option you choose for your car’s security.

Why do you need to upgrade the security of your BMW?

If you can safeguard the FOB or remote control of your BMW, hackers can still take advantage of the vulnerabilities when they gain physical access to your car to penetrate through the local bus systems (USB, CAN Bus – OBD-II-and Ethernet) they can also manipulate the vehicle by reverse engineering to display false messages to the driver while the car is in motion. 

It’s therefore important to make your car lock secure enough. At QuickPro Locksmith, we can get the job done. 

Absence of a detailed joint technical report

The Chinese research firm indicated that the report released in 2018 was just an overview of the discovered flaws, that a second report would be published in 2019, giving BMW time to make the much-needed adjustments.  

Conclusion

BWM stated in the acceptance of the report that “Third parties increasingly play a crucial role in improving automotive security as they conduct their in-depth tests of products and service.”

Therefore, QuickPro Locksmith has got the experience and technology to help you secure your vehicle and to decrease the number of vulnerabilities that can be used to attack or hack your car. If you feel the need to top the security of your vehicle, call us now.


Quickpro Locksmith LLC Rated 4.7 out of 5 based on 138 ratings and reviews.

Pin It

Blog

Call Now To Schedule Emergency Locksmith / Lockout Service in Atlanta, Brookhaven, Chamblee, Tucker, Norcross, Dunwoody, Smyrna, Decatur, Stone Mountain, GA and all surrounding areas.
404-442-0300

Atlanta Locksmith

Call us now or fill out the form below to request lockout service in Atlanta, Brookhaven, Chamblee, Tucker, Norcross, Dunwoody, Smyrna, Decatur, Stone Mountain, Roswell, Lawrenceville, Sandy Springs, College Park, Lithonia, East Point, Buckhead, Duluth, Lilburn, Scottdale, Doraville, GA and all surrounding areas.


  • Enter Security Code: Quickpro