Ethical Hacking News
Researchers have discovered critical vulnerabilities in OpenSynergy BlueSDK, a widely adopted Bluetooth implementation used in infotainment systems of Mercedes, Volkswagen, and Skoda. The PerfektBlue attack could allow hackers to gain remote code execution and manipulate the system.
The PerfektBlue attack chain poses a significant risk to the security of Mercedes, Volkswagen, and Skoda's infotainment systems. Four critical vulnerabilities were identified in OpenSynergy BlueSDK: CVE-2024-45434, CVE-2024-45431, CVE-2024-45433, and CVE-2024-45432. The attack allows hackers to gain remote code execution, manipulate the system, escalate privileges, and perform lateral movement to other components of the target product. Patches were released in September 2024 to mitigate the risks posed by the PerfektBlue attack.
The automotive industry has been shaken by a new wave of cyber threats, as researchers from PCA Cyber Security have discovered critical vulnerabilities in OpenSynergy BlueSDK, a widely adopted Bluetooth implementation used in infotainment systems of Mercedes, Volkswagen, and Skoda. The PerfektBlue attack, as it has come to be known, poses a significant risk to the security of these vehicles' systems, potentially allowing hackers to gain remote code execution, manipulate the system, escalate privileges, and even perform lateral movement to other components of the target product.
According to the researchers, the PerfektBlue attack chain relies on exploiting vulnerabilities in the OpenSynergy BlueSDK Bluetooth framework, which is used by numerous vehicle manufacturers. The framework provides a hardware-agnostic interface for Bluetooth connectivity, allowing it to be easily integrated into various systems. However, this flexibility also makes it vulnerable to exploitation.
The researchers identified four critical vulnerabilities in the OpenSynergy BlueSDK: CVE-2024-45434 (Use-After-Free in AVRCP service), CVE-2024-45431 (Improper validation of an L2CAP channel's remote CID), CVE-2024-45433 (Incorrect function termination in RFCOMM), and CVE-2024-45432 (Function call with incorrect parameter in RFCOMM). These vulnerabilities have a CVSS score ranging from 3.5 to 8.0, indicating their severity.
The PerfektBlue attack can be carried out by pairing with the target device, allowing an attacker to exploit the vulnerabilities and gain access to the infotainment system. Once inside, the attacker can potentially track the location of the vehicle, record audio, access phonebook data, and even control critical functions such as steering and wipers.
The researchers demonstrated the attack against Mercedes-Benz NTG6 head unit, Volkswagen MEB ICAS3 head unit, and Skoda MIB3 head unit. They also developed proof-of-concept exploits for three infotainment systems of different vendors, showcasing the potential impact of this vulnerability.
The OpenSynergy Security Team was notified of the vulnerabilities on May 17, 2024, and promptly worked on patches. The patches were completed in September 2024, ensuring that affected devices would receive timely updates to mitigate the risks posed by the PerfektBlue attack.
To raise awareness about the PerfektBlue attack chain among OEMs, suppliers, and end-users, PCA Cyber Security initiated responsible disclosure by sharing the content of the PerfektBlue advisory website with OpenSynergy. The advisory was officially released on July 7, 2025, providing a clear timeline for coordinated disclosure.
The discovery of the PerfektBlue vulnerabilities highlights the importance of ensuring the security of infotainment systems in vehicles. As the automotive industry continues to rely heavily on connected devices and advanced technologies, it is crucial that manufacturers prioritize cybersecurity measures to protect their customers from potential threats.
In conclusion, the PerfektBlue Bluetooth attack represents a significant risk to the security of Mercedes, Volkswagen, and Skoda's infotainment systems. The vulnerabilities identified by PCA Cyber Security have been addressed through patches, but it is essential for vehicle owners to stay informed about any updates or security advisories related to their devices.
Related Information:
https://www.ethicalhackingnews.com/articles/Unveiling-the-PerfektBlue-Bluetooth-Attack-A-Threat-to-Infotainment-Systems-of-Mercedes-Volkswagen-and-Skoda-ehn.shtml
https://securityaffairs.com/179789/hacking/perfektblue-bluetooth-attack-allows-hacking-infotainment-systems-of-mercedes-volkswagen-and-skoda.html
https://nvd.nist.gov/vuln/detail/CVE-2024-45434
https://www.cvedetails.com/cve/CVE-2024-45434/
https://nvd.nist.gov/vuln/detail/CVE-2024-45431
https://www.cvedetails.com/cve/CVE-2024-45431/
https://nvd.nist.gov/vuln/detail/CVE-2024-45433
https://www.cvedetails.com/cve/CVE-2024-45433/
https://nvd.nist.gov/vuln/detail/CVE-2024-45432
https://www.cvedetails.com/cve/CVE-2024-45432/
Published: Thu Jul 10 17:33:05 2025 by llama3.2 3B Q4_K_M
