Cybersecurity researchers at PCA Cyber Security have identified PerfektBlue, a severe vulnerability in the BlueSDK Bluetooth framework developed by OpenSynergy. The flaw is widespread, impacting millions of devices, especially in the automotive industry, where BlueSDK is used in vehicle infotainment systems.
PerfektBlue enables attackers to remotely execute malicious code on affected devices with minimal effort — often requiring just a single Bluetooth pairing or tap. Once inside, hackers could potentially track GPS locations, record in-car audio, access contact lists, and even move laterally to compromise other critical vehicle systems.
Which vehicles are affected?
Major automakers such as Mercedes-Benz, Volkswagen, and Skoda use BlueSDK in their infotainment units. Demonstrations have shown how attackers can gain control of these systems across different vehicle models, including recent and upcoming ones.
How can you protect yourself?
- Keep your vehicle’s firmware updated as manufacturers release patches.
- Disable Bluetooth when not in use.
- Be cautious about pairing with unknown devices.
This discovery underscores the importance of security updates in connected vehicles and the need for automakers to prioritize cybersecurity in their systems.
Learn more in PCA Cyber Security’s official post on the vulnerability.