Texas Instruments recently alerted Ford to a Wi-Fi driver flaw that makes the software it supplies for the automaker’s Sync 3 infotainment system susceptible to hijacking. The.
Owners of Ford vehicles made after 2015 should check if their infotainment systems use the company’s Sync 3 software and, if so, deactivate Wi-Fi. The company recently disclosed a severe vulnerability in the firmware’s Wi-Fi drivers enabling remote code execution. A patch is currently in development.
Texas Instruments recently alerted Ford to a Wi-Fi driver flaw that makes the software it supplies for the automaker’s Sync 3 infotainment system susceptible to hijacking. The core problem is that the TI WiLink WL18xx MCP driver allows unlimited information elements (IEs) to be parsed in a management frame. Drivers can check their system’s version number under Settings > General > About SYNC.
This flaw potentially enables an attacker to trigger a buffer overflow, overwrite the host processor’s memory, and execute remote code.