Sunday, January 19, 2025
Critical Automotive 0-Day Flaws Let Attackers Gain Full Control Over Cars

Recent discoveries in the automotive cybersecurity landscape have unveiled a series of critical zero-day vulnerabilities that could allow attackers to gain full control over vehicle systems.

These vulnerabilities, highlighted in a presentation by security researcher Amit Geynis of PlaxidityX, underscore the urgent need for robust cybersecurity measures in the automotive industry.

Series of Vulnerabilities

The first vulnerability, labeled as “Vulnerability #1,” involves an arbitrary remote code execution over the Controller Area Network (CAN).

This vulnerability exploits a `memcpy` function in an Interrupt Service Routine (ISR), which operates with the highest privileges, allowing attackers to write directly to the return address on the stack and bypass stack canaries.

This can be leveraged to execute Return-Oriented Programming (ROP) attacks, giving attackers full control over the system.
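The pattern described above, as an added illustration that is not code from the talk or from PlaxidityX: a CAN frame handler that trusts a length byte from the bus and copies it into a fixed stack buffer, shown beside a hardened version that validates the length before `memcpy`. The frame layout (byte 0 = declared length, remaining bytes = payload) and the function names are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed frame layout for this example (hypothetical, not from the
 * talk): byte 0 = declared payload length, bytes 1.. = payload. */
#define DATA_MAX 16

/* Vulnerable pattern: the length byte comes from the bus and is trusted.
 * A frame declaring more than 16 bytes makes memcpy run past `data` into
 * whatever the compiler placed after it on the ISR's stack frame. */
static int handle_frame_unsafe(const uint8_t *frame, size_t frame_len)
{
    uint8_t data[DATA_MAX];
    (void)frame_len;                 /* never consulted: that is the bug */
    size_t n = frame[0];
    memcpy(data, frame + 1, n);
    return (int)n;
}

/* Hardened pattern: validate the declared length against both the
 * destination capacity and the bytes actually received, before copying.
 * Returns the number of payload bytes accepted, or -1 if rejected. */
static int handle_frame_safe(const uint8_t *frame, size_t frame_len)
{
    uint8_t data[DATA_MAX];
    if (frame == NULL || frame_len < 1)
        return -1;
    size_t n = frame[0];
    if (n > DATA_MAX)                /* would overflow the stack buffer */
        return -1;
    if (n > frame_len - 1)           /* declares more bytes than arrived */
        return -1;
    memcpy(data, frame + 1, n);
    return (int)n;
}

/* Stand-alone demo with constructed frames; only in-bounds input is ever
 * passed to the unsafe handler. Exit status 0 means all checks held. */
int main(void)
{
    const uint8_t ok[]  = {4, 0x11, 0x22, 0x33, 0x44};
    const uint8_t big[] = {200, 0xAA, 0xBB};           /* lies about length */
    const uint8_t cut[] = {8, 0x01, 0x02};             /* truncated payload */
    (void)handle_frame_unsafe(ok, sizeof ok);
    return (handle_frame_safe(ok,  sizeof ok)  == 4 &&
            handle_frame_safe(big, sizeof big) == -1 &&
            handle_frame_safe(cut, sizeof cut) == -1) ? 0 : 1;
}
```

The second check matters as much as the first: a frame that declares more bytes than were received would otherwise make `memcpy` read past the end of the receive buffer even when the declared length fits `data`.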

The second vulnerability, “Vulnerability #2,” concerns a remote code execution (RCE) over IPsec and SOME/IP-SD protocols.

Through interface fuzzing, researchers found stack overflows that could redirect the program counter to invalid memory areas, with no stack canaries in place to prevent this.

This vulnerability can be chained with others to gain full control over safety-critical resources.

Furthermore, “Vulnerability #3” highlights weak cryptography in mobile apps used for remote commands.

The use of non-random, derivable keys and hard-coded master keys makes it possible for attackers to bypass authentication and impersonate legitimate sources, such as the Telematics Control Unit (TCU).

Lastly, “Vulnerability #4” involves a remote and persistent vulnerability via cellular connections.

Attackers can use binary SMS messages to trigger communication with the backend and inject arbitrary executables into the system, potentially impacting safety-critical CAN bus communications.

The presentation notes that these findings are part of a broader trend of zero-day vulnerabilities in the automotive industry.

For instance, the Pwn2Own Automotive event, hosted by VicOne and Trend Micro’s Zero Day Initiative (ZDI), discovered 49 unique zero-day vulnerabilities, with VicOne products being the only ones capable of detecting 44 of these vulnerabilities.

The prevalence of such vulnerabilities underscores the importance of proactive cybersecurity measures.

VicOne emphasizes the need for early detection capabilities and holistic security approaches to mitigate these risks.

The company’s products, including xNexus, xCarbon, and xZETA, are designed to provide comprehensive threat intelligence and vulnerability management.

In a broader context, zero-day vulnerabilities are a critical concern across various industries.

Recent reports have highlighted vulnerabilities in Windows security functions, such as CVE-2024-38217, which allows attackers to bypass the Mark of the Web protections, and CVE-2024-38193, a privilege escalation vulnerability exploited by the Lazarus Group.

The automotive industry must take these threats seriously and invest in robust cybersecurity measures to protect against these vulnerabilities.

This includes regular security audits, penetration testing, and the use of advanced threat intelligence tools to detect and mitigate zero-day vulnerabilities before they can be exploited.

In conclusion, the recent discoveries of critical zero-day vulnerabilities in the automotive industry serve as a stark reminder of the need for enhanced cybersecurity.

By adopting a proactive and holistic approach to security, the industry can better protect against these threats and ensure the safety and integrity of vehicle systems.

Varshini
Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.