Ethical Hacking News
A set of vulnerabilities recently discovered in OpenSynergy's BlueSDK Bluetooth stack has left millions of vehicles exposed to remote code execution (RCE) attacks. The flaws, collectively named PerfektBlue, allow attackers to gain access to sensitive information and potentially take control of critical software functions in the In-Vehicle Infotainment system.
Millions of vehicles from top automakers are exposed to remote code execution (RCE) attacks due to PerfektBlue security flaws. The vulnerabilities, identified in OpenSynergy's BlueSDK Bluetooth stack, can be chained together to run arbitrary code on cars from at least three major manufacturers. PerfektBlue allows attackers to achieve remote code execution on a vulnerable device, serving as an entrypoint to the targeted system, particularly the IVI (In-Vehicle Infotainment) system. The four identified vulnerabilities have CVSS scores ranging from 3.5 to 8.0 and can be exploited to gain access to sensitive information such as GPS coordinates and audio recordings. Patches were rolled out in September 2024, but the vulnerability highlights the need for automakers to prioritize vehicle security and implement robust measures to protect against RCE attacks.
PerfektBlue, a set of four critical security flaws discovered by cybersecurity researchers, has left millions of vehicles from top automakers exposed to remote code execution (RCE) attacks. The vulnerabilities, identified in OpenSynergy's BlueSDK Bluetooth stack, can be chained together to run arbitrary code on cars from at least three major manufacturers: Mercedes-Benz, Volkswagen, and Skoda.
According to PCA Cyber Security, PerfektBlue allows attackers to achieve remote code execution on a vulnerable device, which then serves as an entry point to the targeted system. In this case the critical target is the IVI (In-Vehicle Infotainment) system, which provides access to sensitive information such as GPS coordinates, audio recordings, and contact lists.
The researchers found four vulnerabilities in the BlueSDK Bluetooth stack: CVE-2024-45434 (CVSS score: 8.0), which involves a use-after-free vulnerability in the AVRCP service; CVE-2024-45431 (CVSS score: 3.5), which is related to improper validation of an L2CAP channel's remote CID; CVE-2024-45433 (CVSS score: 5.7), which involves incorrect function termination in RFCOMM; and CVE-2024-45432 (CVSS score: 5.7), which concerns a function call with incorrect parameters in RFCOMM.
These vulnerabilities can be exploited to gain access to the IVI system, allowing attackers to track GPS coordinates, record audio, access contact lists, and potentially take control of critical software functions, such as engine control. The researchers emphasized that the pairing process for the Bluetooth attack is implementation-specific due to the framework nature of BlueSDK.
Following responsible disclosure in May 2024, patches were rolled out in September 2024. However, this vulnerability highlights the need for automakers to prioritize vehicle security and implement robust measures to protect against RCE attacks.
The researchers also highlighted that an attacker with physical access to the car could tap into it using injection attacks and impersonation of trusted devices. This vulnerability is a significant concern, as it exposes millions of vehicles to potential exploitation.
The discovery of PerfektBlue underscores the importance of ongoing security research and testing to identify vulnerabilities in critical systems like automotive infotainment systems. It also serves as a reminder that even seemingly isolated systems can be vulnerable to exploitation if not properly secured.
Published: Fri Jul 11 08:22:29 2025 by llama3.2 3B Q4_K_M