Critical Bluetooth vulnerability: Millions of VW and Skoda vehicles at risk!


Security researchers reveal critical Bluetooth vulnerabilities in VW and Skoda vehicles; risk reduction measures have been initiated.


In an alarming development, security researchers have identified a critical Bluetooth vulnerability affecting Volkswagen and Skoda vehicles. This vulnerability, which affects OpenSynergy's BlueSDK Bluetooth system, could be exploited in vehicle entertainment systems. The discovery was made by the company PCA Cyber Security and could make several car owners sweat. As News38 highlights, Mercedes vehicles that use the same system are also affected.

In order to successfully carry out an attack, a few conditions must be met: the attacker must be within seven meters of the vehicle, the ignition must be switched on and the entertainment system must be in pairing mode. In addition, the vehicle driver must actively consent to the connection.

PerfektBlue: A threatening vulnerability

The vulnerability is called “PerfektBlue” and includes a total of four specific weaknesses that allow attackers to access critical elements of the vehicles. BleepingComputer reports that OpenSynergy confirmed these risks as early as June 2023 and released patches in September 2024. But many car manufacturers have not yet provided these firmware updates, putting the security of the vehicles at risk.

It was discovered that at least one major automaker was only recently notified of the risks. The weaknesses should not be underestimated; they range from low to high in severity. A successful attack could allow hackers to track GPS coordinates, read phone contacts or even listen to microphones.

The reaction of the car manufacturers

According to Golem, Volkswagen immediately began investigating the security vulnerability. VW assured that no critical vehicle functions such as steering or braking would be at risk in the event of an attack. However, there is still the possibility of obtaining sensitive data and information via the entertainment system. OpenSynergy closed the security hole last fall and provided appropriate updates.

Car owners are urged to be careful. It is recommended to reject suspicious pairing requests, disable Bluetooth functionality when not needed, and ensure the latest software updates are installed to avoid giving access to potential attackers.

The situation not only raises questions about security and privacy, but also highlights the importance of regular software updates in the connected automotive industry. While manufacturers such as Mercedes-Benz have already taken measures to mitigate risks, many hope that all affected manufacturers respond quickly to ensure the safety of their customers.