"Ford Says Cars With Wi-Fi Vulnerability Still Safe to Drive"

Ford warns of a buffer overflow vulnerability in the SYNC3 infotainment system used in many Ford and Lincoln vehicles, which could enable Remote Code Execution (RCE), but claims that vehicle safety is unaffected. SYNC3 is a modern infotainment system that supports Wi-Fi hotspots, phone connectivity, voice commands, and third-party applications. The WL18xx MCP driver for the Wi-Fi subsystem of the car's infotainment system contains the vulnerability, tracked as CVE-2023-29468. It allows an attacker within Wi-Fi range to cause a buffer overflow using a specially crafted frame. This article continues to discuss the potential exploitation and impact of the vulnerability in the SYNC3 infotainment system.

Bleeping Computer reports "Ford Says Cars With Wi-Fi Vulnerability Still Safe to Drive"

Submitted by Anonymous on