[LPisGood]

The CAN bus, the network interface vehicle components use to communicate was, at least as of a few years ago, the source of basically infinite vulnerabilities.

Add in over the air updates or worse, updated bluetooth or radio firmware and you find things like stopping a vehicle remotely at highway speeds[1]

[1] https://fractionalciso.com/the-groundbreaking-2015-jeep-hack...

[AlotOfReading]

The people behind that stunt were immediately hired by GM.

[burnt-resistor]

IIRC, many TPMS systems run as CAN over IP, basically giving unsecured network access to a car if it thinks it's talking to a TPMS. Granted that some/most these sensors typically have to be "paired" with a car using a scantool (sometimes), but IIRC, some are self-pairing creating a vulnerability where the legit sensor could be replaced with a hostile one. Also the possibilities of spoofing, sniffing, and/or packet injection seem real too.

[SV_BubbleTime]

>IIRC, many TPMS systems run as CAN over IP,

I’ve been in this industry for 20-some years not a single system I’ve ever seen operates like that.

CAN over IP does not exist invehicles. IP over CAN doesn’t exist at all. UDS over IP does, but this is automotive Ethernet and an entirely different discussion.

[privatelypublic]

I know the receivers are often in a vulnerable position. But, on my 2008 era car- the code I've seen for SDR decoding is a broadcast MAC, pressure and a temp value.