This report presents the findings of a study on the Mercedes-Benz User Experience (MBUX) infotainment system, focusing on vulnerabilities and diagnostic subsystems that were not previously addressed. The research highlights various attack vectors, including USB and inter-process communication protocols, and identifies several critical vulnerabilities.
Affected: Mercedes-Benz MBUX, automotive sector
Key points:
- The study analyzes the first-generation MBUX system, emphasizing its architecture and diagnostic capabilities.
- Diagnostic software was used to scan the electronic control unit (ECU) and test diagnostic functions.
- Vulnerabilities were discovered in the MoCCA, GCF, and thriftme protocols.
- Several critical vulnerabilities were identified, including CVE-2024-37600 and CVE-2023-34404.
- Physical access to the vehicle can lead to exploitation of the USB subsystem.
- Weaknesses in the system’s security can allow unauthorized command execution and privilege escalation.
MITRE Techniques:
- TA0001: Initial Access – Exploiting vulnerabilities in USB subsystem.
- TA0004: Privilege Escalation – Exploiting CVE-2021-4034 in Polkit.
- TA0007: Discovery – Scanning TCP ports on MBUX for vulnerabilities.
- TA0040: Impact – Denial of Service through buffer overflow in UserData service.
Indicators of Compromise:
- [file name] pduparser.lua
- [file name] triggerRestore.py
- [file name] triggerBackup.py
- [file name] ud2codec.py
- [file name] vt_ab.xml
- Check the article for all found IoCs.
Full Research: https://securelist.ru/mercedes-benz-head-unit-security-research/111516/