Abstract

In recent years, the growth of vehicular technology has led to a surge in cybersecurity attacks, particularly against connected vehicles and their vulnerable infotainment systems. This paper explores the vulnerabilities within an In-Vehicle Infotainment (IVI) system firmware, focusing on the Gen5W_L multimedia device used in Hyundai, Kia, and Genesis vehicles. Leveraging reverse engineering techniques, the study uncovers several security issues within the firmware that allow the creation and installation of custom firmware. The paper introduces Chimaera, a reverse engineering attack targeting the IVI system firmware, which exploits a vulnerability introduced by statically compiling the mbedtls library. After a reverse engineering analysis and the injection of malicious assembly code directly into the IVI firmware, the attack enables the extraction of sensitive information from the firmware files, such as the cryptographic keys needed to install a customized firmware. The research shows that exploiting these vulnerabilities facilitates the installation of insecure firmware, granting attackers unauthorized access to vehicle functionalities. This includes the possibility of injecting CAN bus messages, potentially compromising critical vehicle systems such as radio controls and safety features. The findings underscore the need for robust cybersecurity measures within automotive systems and highlight the significance of vulnerability assessment in mitigating security risks in connected vehicles.
