Man-in-the-Middle Vulns Provide New Research Opportunities for Car Security

Kristina Beek, Associate Editor, Dark Reading | March 14, 2025

Several security vulnerabilities within the products of a well-known China-based automotive manufacturer affect hundreds of thousands of cars on the road.
The name of the company remains undisclosed due to regulations, but more than 150,000 of the company’s [automotive vehicles](https://www.darkreading.com/ics-ot-security/software-defined-vehicle-fleets-twisty-road-cybersecurity) were sold in 2024, meaning many cars on the road in China are currently functioning with the flaws.

"The vulnerabilities we found can lead to remote car control after conducting [man-in-the-middle attacks](https://www.darkreading.com/vulnerabilities-threats/top-10-most-probable-ways-company-can-be-hacked)," says security researcher Yingjie Cao, who along with Xinfeng Chen will take to the stage at [Black Hat Asia](https://www.blackhat.com/asia-25/briefings/schedule/index.html#double-tap-at-the-blackbox-hacking-a-car-remotely-twice-with-mitm-43571) next month to discuss their discovery of the bugs. They found weaknesses in two different models, Cao adds.

Automotive Security Bugs Allow Code Execution
---------------------------------------------

The first bug the duo found exists in the cars’ [in-vehicle infotainment](https://www.darkreading.com/vulnerabilities-threats/car-exploit-spy-drivers-real-time) (IVI), also known as the head unit, and ultimately can lead to low-privilege [code execution](https://www.darkreading.com/cyberattacks-data-breaches/critical-mozilla-firefox-zero-day-code-execution).

"We can [also] pivot into another application and use another kernel exploit to gain the privilege of the infotainment [system]," says Cao, who first found the issue in 2021. "Afterwards we can gain some limited car control functions, like opening the door, opening the trunk, the window, or the headlight."

The second vulnerability, discovered just last year, exists in the app for the car, which does not have its own trusted certificate. Cao explains that he and Chen were able to hijack all the traffic of the app simply by injecting a fake certificate.
In addition to that, the two were able to get a token, allowing them to [control the car remotely](https://www.darkreading.com/endpoint-security/millions-kia-vehicles-remote-hacks-license-plate).

The man-in-the-middle (MiTM) exploits that Cao and Chen describe in their research are "beginner-level," they say, adding that anyone with some knowledge of cybersecurity could pull off such an attack.

Software Security Is Vehicle Security
-------------------------------------

Today, many automotive companies are still playing catch-up when it comes to tapping cybersecurity skills and resources. [In a study](https://www.sae.org/binaries/content/assets/cm/content/topics/cybersecurity/securing_the_modern_vehicle.pdf) commissioned by Synopsys and SAE International, researchers found that typical automotive organizations have just nine full-time employees focusing on product cybersecurity management.

Worse, 30% of respondents reported not having a cybersecurity team in their organization at all. And the ones that do have such security programs test less than half of the hardware, software, and other technologies contained in their vehicles. At the same time, there are increasingly more findings of cars being compromised.

Take the [six unpatched vulnerabilities](https://www.darkreading.com/vulnerabilities-threats/6-infotainment-bugs-mazda-usbs) recently found in Mazda’s IVI system, capable of being [exploited via a simple USB](https://www.darkreading.com/vulnerabilities-threats/car-exploit-spy-drivers-real-time).
Some could allow for full software system compromise, while another vulnerability could allow a threat actor to pivot to the car’s Controller Area Network (CAN) bus, responsible for physical functions of the car.

This state of affairs becomes more alarming given the trend toward ["software-defined" features within cars](https://www.darkreading.com/ics-ot-security/heated-seats-advanced-telematics-software-defined-cars-drive-risk); more code means more exploitable vulnerabilities, many of which can be exploited remotely.

Hands-on security research on vehicle hardware remains difficult to execute, thanks to a lack of access by security researchers to proprietary components and software, which might either be protected or wildly expensive to obtain. So, as part of their research, Cao and Chen are also aiming to push the boundaries of how to discover vulnerabilities, by showcasing that there are alternative methods to exposing cybersecurity flaws.

"In our talk we are going to express that we did not buy any parts," Cao says.
"We just tested remotely."
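
The app weakness described in the article, a client that accepts whatever certificate the device trusts, is the gap that certificate pinning closes. The following Python sketch is an added example, not code from the researchers or the manufacturer; the function names and the certificate bytes are constructed for illustration.

```python
import hashlib
import hmac
import socket
import ssl

# Constructed stand-ins for DER-encoded certificates (not real certificates).
BACKEND_CERT_DER = b"constructed-der-bytes-of-the-real-backend-certificate"
INJECTED_CERT_DER = b"constructed-der-bytes-of-a-certificate-from-an-injected-ca"

# Pins ship inside the app; a backup pin lets the backend certificate rotate.
PINNED_SHA256 = frozenset({
    hashlib.sha256(BACKEND_CERT_DER).hexdigest(),
    hashlib.sha256(b"constructed-der-bytes-of-the-backup-certificate").hexdigest(),
})


def pin_matches(cert_der, pins=PINNED_SHA256):
    """True if the SHA-256 of the peer's leaf certificate is a pinned value."""
    digest = hashlib.sha256(cert_der).hexdigest()
    # Compare against every pin in constant time.
    results = [hmac.compare_digest(digest, pin) for pin in pins]
    return any(results)


def accept_peer(chain_trusted, cert_der, pins=PINNED_SHA256):
    """Decision the client makes once the TLS handshake has finished.

    chain_trusted: the platform trust store validated the chain and hostname.
    A certificate issued by a CA that was added to the device passes that
    check, so the pin is the control that rejects it.
    """
    return bool(chain_trusted) and pin_matches(cert_der, pins)


def open_pinned(host, port=443, pins=PINNED_SHA256, timeout=5.0):
    """Connect with normal validation, then enforce the pin before sending data."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED and hostname checking on
    sock = socket.create_connection((host, port), timeout=timeout)
    try:
        tls = ctx.wrap_socket(sock, server_hostname=host)
    except Exception:
        sock.close()
        raise
    if not pin_matches(tls.getpeercert(binary_form=True), pins):
        tls.close()
        raise ssl.SSLError("peer certificate is not pinned; refusing to send the token")
    return tls
```

With a check like `accept_peer` in place, a certificate that the device's trust store accepts but the app has not pinned is refused before any session token leaves the client.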