A buffer overflow vulnerability was discovered not too long ago in the Wi-Fi driver that Ford employs in the SYNC 3 entertainment system. Following the identification of the vulnerability, Ford swiftly informed the appropriate parties and made the information public.It is common knowledge that hackers may take over a vehicle by abusing one of its many functionalities; yet, the successful implementation of such cyber attacks in the real world is still difficult.
Even while there are certain vulnerabilities that have immediate and catastrophic repercussions, other flaws allow potential danger actors to remotely access and start the automobiles by exploiting the weaknesses.Because of the widespread use of this technology in Ford and Lincoln automobiles, the successful exploitation of this vulnerability might provide threat actors the ability to carry out remote code execution.
This bug, which has been assigned the tracking number “CVE-2023-29468,” was discovered by a researcher, who then informed Texas Instruments (TI), the company that supplies Wi-Fi modules, about the vulnerability.
CVE-2023-29468
The amount of information elements (IEs) of type XCC_EXT_1_IE_ID or XCC_EXT_2_IE_ID that may be parsed in a management frame is not restricted by the TI WiLink WL18xx MCP driver in any way. A buffer overflow may be induced by using a frame that has been specifically designed, which has the potential to result in the execution of remote code.Score assigned by the CVSS: The CVSS base score for this concern might vary anywhere from 8.8 to 9.6.
WILINK8-WIFI-MCP8 versions 8.5_SP3 and earlier are included in the list of affected products.Voice commands, in-car WiFi, and connection are just some of the features that come standard with the SYNC3 infotainment system. The issue affects Ford customers, however there have been no reports of any exploits being used.
In addition, in order for an attack to be effective, the attackers need to be in close vicinity to an exposed engine that is operating and has Wi-Fi enabled.According to the findings of Ford’s analysis, this vulnerability will not have any effect on the safety of the car. This is because the infotainment system firewall prohibits control interference with the steering, braking, and throttle.In addition to this, Ford has guaranteed that the online software patch for USB installation will be made available very soon. Customers who are worried about the vulnerability can disable the Wi-Fi connection via the Settings menu of SYNC 3 or check the status of their vehicle’s SYNC 3 connection online.
Customers who elect to connect the SYNC 3 Wi-Fi feature to a network (such as a home Wi-Fi system) will be able to download this update over-the-air (OTA) whenever the software update becomes available, according to a representative for Ford. This information was provided by the Ford spokesman.
Information security specialist, currently working as risk infrastructure specialist & investigator.
15 years of experience in risk and control process, security audit support, business continuity design and support, workgroup management and information security standards.