This article is more than 1 year old
Can't afford a BMW or Roller? Just HACK its doors open!
Patch inbound for Beemers, Minis and Royces with a clear view of the sky
BMW has plugged a hole that could allow remote attackers to open windows and doors for 2.2 million cars.
The flaws were found by the German motoring association ADAC in the ConnectedDrive technology that allows BMW, Mini and Rolls Royce drivers to access their wheels with a smartphone.
BMW patched the flaw remotely, thereby improving the security of beemers, Mini hatches and Rolls-Royce models including Ghosts, Wraiths, and coupes.
The flaw meant crims could drive off with a luxury freebie if they combined the door-opening hack with a 2012 exploit that allowed the keyfob of BMWs produced before 2011 to be copied using a US$30 tool.
It emerged at the time that Beemers in the Australian state of Queensland were being pinched at a "diabolical" rate.
ADAC technology president Thomas Burkhardt said it waited for BMW to drop a patch before revealing the flaw.
"As a responsible consumer advocates we have held off publication of this vulnerability until it was closed by the manufacturer to prevent criminals exploiting the attack," Burkhardt said in a statement.
"The ADAC does not have any proof that the vulnerability was used in burglaries or theft."
Attackers could set up fake wireless networks to intercept and transmit the clear-text data to the cars but could not have impacted vehicle acceleration or braking systems.
BMW's patch also updated its patch distribution system to use HTTPS.
Automatic delivery of the update could fail if a car's battery was disconnected or the vehicle was located in a coverage black spot.
That meant cars in underground long-term parking spots could be ripe targets.
The association took the opportunity to prompt car manufacturers to better secure vehicle software.
Drivers could manually select software updates to ensure the patch was received. ®