Overview Of The Security Of The Mercedes-benz Infotainment System
Thumbnail
This report presents the findings of a study on the Mercedes-Benz User Experience (MBUX) infotainment system, focusing on vulnerabilities and diagnostic subsystems that were not previously addressed. The research highlights various attack vectors, including USB and inter-process communication protocols, and identifies several critical vulnerabilities. Affected: Mercedes-Benz MBUX, automotive sector

Keypoints :

  • The study analyzes the first-generation MBUX system, emphasizing its architecture and diagnostic capabilities.
  • Diagnostic software was used to scan the electronic control unit (ECU) and test diagnostic functions.
  • Vulnerabilities were discovered in the MoCCA, GCF, and thriftme protocols.
  • Several critical vulnerabilities were identified, including CVE-2024-37600 and CVE-2023-34404.
  • Physical access to the vehicle can lead to exploitation of the USB subsystem.
  • Weaknesses in the system’s security can allow unauthorized command execution and privilege escalation.

MITRE Techniques :

  • TA0001: Initial Access – Exploiting vulnerabilities in USB subsystem.
  • TA0004: Privilege Escalation – Exploiting CVE-2021-4034 in Polkit.
  • TA0007: Discovery – Scanning TCP ports on MBUX for vulnerabilities.
  • TA0040: Impact – Denial of Service through buffer overflow in UserData service.

Indicator of Compromise :

  • [file name] pduparser.lua
  • [file name] triggerRestore.py
  • [file name] triggerBackup.py
  • [file name] ud2codec.py
  • [file name] vt_ab.xml
  • Check the article for all found IoCs.

close with

Full Research: https://securelist.ru/mercedes-benz-head-unit-security-research/111516/