Researchers discovered critical vulnerabilities in smart bus systems that could allow hackers to remotely control and spy on vehicles by exploiting shared network configurations. The security flaws, including an MQTT backdoor and lack of network segmentation, remain unpatched, posing significant risks to public transportation security. #M2MRouter #APTS #ADAS #MQTTBackdoor
Keypoints
- Researchers identified vulnerabilities in smart bus communication systems during the DEF CON conference.
- The same M2M router powers both passenger Wi-Fi and critical vehicle systems like APTS and ADAS.
- Hackers could remotely access buses, track locations, steal data, and manipulate onboard systems.
- Network segmentation was absent, allowing unauthorized access to sensitive systems due to weak passwords.
- The vulnerabilities include an MQTT backdoor that remains unpatched as manufacturers did not respond.