Black Hat 2020: Mercedes-Benz E-Series Rife with 19 Bugs

2020-08-06 21:29

Researchers say the flaws, detailed at Black Hat USA on Thursday, potentially impacted over 2 million Mercedes-Benz connected cars before they were fixed.

"We reported the flaws to Mercedez-Benz, we found about 19 vulnerabilities," said Minrui Yan, head of the Sky-Go Team with 360 Group, presenting with Jiahao Li, researcher with 360 Group, at Black Hat.

Researchers found six of the 19 flaws in the HERMES component.

In order to send remote-services commands, researchers probed the HERMES TCU system of the car, which they say is the most crucial component in the whole system, since it features the communication module that connects the in-vehicle infotainment network and the external network and Mercedes Me app.

Check out Threatpost's live Black Hat USA 2020 coverage, including news interviews, threat research updates and more, here.

News URL

https://threatpost.com/black-hat-19-flaws-connected-mercedes-benz-vehicles/158144/

#blackhat #series

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Mercedes Benz		6	1	4	2	4	11