Cybersecurity researchers have uncovered four critical vulnerabilities in OpenSynergy’s BlueSDK Bluetooth stack, which can be exploited for remote code execution on millions of vehicles across multiple automakers. The flaws, dubbed PerfektBlue, enable attackers within Bluetooth range to control vehicle functions and access sensitive data, highlighting the importance of timely security updates.
Key points
- The vulnerabilities reside in OpenSynergy’s BlueSDK Bluetooth stack and can be chained to achieve remote code execution.
- The attack requires proximity within 5 to 7 meters and active Bluetooth pairing with the vehicle.
- Exploiting these flaws can grant access to GPS, audio recording, contacts, and potentially critical vehicle systems.
- Major automakers affected include Mercedes-Benz, Volkswagen, Skoda, and an unnamed OEM.
- Patches and security updates have been released to mitigate these vulnerabilities following responsible disclosure.
Read More: https://thehackernews.com/2025/07/perfektblue-bluetooth-vulnerabilities.html