image: Ford
Last week, Ford shared it has learned of a vulnerability in the Wi-Fi software driver supplied for use in the SYNC 3 infotainment system, the interface program in the 2021-2024 Bronco Sport. SYNC 3 lets owners control climate, connect their phones for audio and navigation, and more.
The Details
The weakness can allow an attacker within wireless range to gain the ability to overwrite memory of the host processor, states Texas Instruments. The security bulletin documenting this vulnerability is CVE-2023-29468.
The Low Risk
Ford says it has seen no evidence the vulnerability has been exploited, and to do so “would likely require significant expertise and would also include being physically near an individual vehicle that has its ignition and Wi-Fi setting on.”
Going further to reassure customers, the motor company says in the unlikely occurrence, remote access would not affect the safety of occupants, as SYNC3 is firewalled from steering, throttling, and braking.
The Fix
Ford is working on a software patch that can be downloaded and installed by USB. Until then, concerned Bronco Sport owners can turn off the Wi-Fi functionality under the Settings menu.
Comments
You must log in or register to post here.