Ford reports vulnerability in SYNC 3 Wi-Fi driver, cars vulnerable while engine is running
Take action: Not a critical advisory, but a sign of the times to come: we will be reading about and reacting to cybersecurity vulnerabilities in even more parts of our lives, even the vehicles we travel in.
A security vulnerability has been identified in the Wi-Fi driver used in Ford's SYNC 3 infotainment system. It could enable an attacker in close proximity to the vehicle to exploit a buffer overflow.
This issue is tracked as CVE-2023-29468. The root of the vulnerability lies within the Texas Instruments WiFi Link WL18xx MCP driver. An attacker could craft a specially designed data frame to trigger a buffer overflow, opening the door to remote code execution.
Although this vulnerability raises concerns among Ford's customer base that utilizes vehicles equipped with SYNC 3, Ford clarifies that as of now, there have been no known instances of this vulnerability being exploited.
The risk of the vulnerability is deemed as low since successful exploitation requires the attacker to be physically near the exposed vehicle. The attack's success also hinges on the vehicle's engine being active and the Wi-Fi support being enabled. So, in practical terms, the attackers need to drive next to you for an extended period of time to execute the hack.
On top of the mechanical impediments to the attack, its complexity demands a high level of expertise, effectively limiting the potential culprits to experienced hackers. Ford is confident that the prerequisites for exploitation, including the need for proximity and an active engine, make the occurrence unlikely.
In the event of a successful exploit, Ford claims that the impact would be minimal. The infotainment system is isolated from critical vehicle controls such as steering, braking, and acceleration. This isolation means that even if the system is compromised, the safety of the vehicle's occupants would remain unaffected.
To address this vulnerability, Ford is working on developing a patch.
In the interim, Ford has identified a simple protective measure: disabling Wi-Fi support within the SYNC 3 infotainment system. With Wi-Fi disabled, the vulnerability can effectively be thwarted, because this eliminates one of the key prerequisites for an attacker to launch an attack on the system.
This vulnerability is present across all Ford and Lincoln models equipped with the SYNC 3 system that have been produced, including vehicles like the 2021 and 2022 Mustang, the 2021 and 2022 Bronco Sport, and the 2021 Expedition. Ford urges its customers to verify the version of their SYNC system to confirm whether their vehicles are susceptible to this particular security threat.