DEF CON 31 Car Hacking Village - Automotive USB Fuzzing - Euntae Jang, Donghyon Jeong, Jonghyuk Song
HTML-код
- Опубликовано: 3 июл 2024
- Recently, automotive industry is performing USB fuzzing in an inefficient way for automobiles. Usually, fuzzing is performed by commercial media fuzzers, but the fuzzers are not directly connected to the vehicle during fuzzing. So, it requires much manual efforts of testers.
In this talk, we propose efficient way to perform USB fuzzing to actual vehicles. We describe how to perform USB fuzzing to kernel area fuzzing as well as media fuzzing by directly connecting the fuzzer and the car with a USB cable. By this method, we found real-world vulnerabilities in Volkswagen Jetta, Renault Zoe, GM Chevrolet Equinox, and AGL. Наука
Huge respect for giving this talk in a non native language.
I'm trying to imagine trying to do the same after a week of Korean classes. I would've walked away.
Thanks for this shared fuzzing expertise ! For the CVE-2023-39075, the type mentionned is kernel, but which kernel component is vulnerable ? Because, the cpe identified is the OS cpe:2.3:o:renault:zoe_ev_2021_firmware:*:*:*:*:*:*:*:* , but not a kernel component ?
❤