Researchers hacked Mercedes-Benz remotely


Specialists from a division of the Chinese cybersecurity company Qihoo 360 that specializes in vehicle cybersecurity have discovered nearly two dozen vulnerabilities in Mercedes-Benz E-Class cars, including problems that allow the car to be hacked remotely. The results of the study, conducted since 2018, were presented at the Black Hat conference, which this year was held in a virtual format because of the coronavirus pandemic.

During the analysis, experts identified 19 vulnerabilities in the Mercedes-Benz E-Class whose exploitation made it possible to gain access to the car's computer systems and to remotely start the engine and open the doors. Most of the issues found by the Sky-Go team involved the telematics control unit (TCU) and backend servers.

Using an interactive shell with superuser rights, the researchers managed to gain access to the TCU file system, which contained passwords and certificates for the backend server.

Experts were also able to access backend servers using an embedded eSIM card, which is commonly used to secure connectivity, vehicle identification, and encrypt communications.

The problem was that the backend servers did not authenticate requests from the Mercedes me mobile app, through which car owners can remotely control various vehicle functions. According to the researchers, using this vulnerability, a hacker can lock and unlock car doors, raise and lower the roof, turn on the headlights and even start the engine. It is worth noting that the specialists failed to hack any of the car's security functions.

The Sky-Go team passed information about the discovered vulnerabilities to Daimler, owner of the Mercedes-Benz E-Class brand, and the company fixed them in December 2019.
 