Описание
A clone version of an ELM327 OBD2 Bluetooth device has a hardcoded PIN, leading to arbitrary commands to an OBD-II bus of a vehicle, as demonstrated by turning off the vehicle's lights.
A clone version of an ELM327 OBD2 Bluetooth device has a hardcoded PIN, leading to arbitrary commands to an OBD-II bus of a vehicle, as demonstrated by turning off the vehicle's lights.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2019-12797
- https://www.kth.se/polopoly_fs/1.914060.1561621279!/Ludvig%20and%20Daniel_final_dongles.pdf
- https://www.kth.se/polopoly_fs/1.914063.1561621564!/Marstorp%20%26%20Lindstrom%2C%20Security%20Testing%20of%20an%20OBD-II%20Connected%20IoT%20Device.pdf
- https://www.kth.se/polopoly_fs/1.917488.1564430206!/elm327.pdf
Связанные уязвимости
CVSS3: 9.8
nvd
больше 6 лет назад
A clone version of an ELM327 OBD2 Bluetooth device has a hardcoded PIN, leading to arbitrary commands to an OBD-II bus of a vehicle.