CVE-2024-48793
Description
An issue in INATRONIC com.inatronic.bmw 2.7.1 allows a remote attacker to obtain sensitive information via the firmware update process.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
The INATRONIC BMW app 2.7.1 exposes firmware download links due to incorrect access control, allowing remote attackers to obtain sensitive firmware data.
Vulnerability
Overview
The INATRONIC BMW app (com.inatronic.bmw) version 2.7.1 contains an incorrect access control vulnerability during the firmware update process. The app uses HTTP requests to download firmware updates, and by reverse engineering the application, an attacker can identify the firmware download mechanism and reconstruct the download URLs. The vendor's firmware server lacks proper access control, allowing unauthorized access to firmware files [1].
Exploitation
An attacker can exploit this vulnerability by sending crafted HTTP GET requests to the firmware server (download.inatronic.com) using the reconstructed URLs. The server responds with the firmware binary without requiring any authentication or authorization. The attacker does not need physical access to the device; the vulnerability can be exploited remotely over the network [1].
Impact
Successful exploitation allows a remote attacker to download the latest firmware files for the BMW app. This firmware leakage can expose sensitive information such as proprietary code, encryption keys, or other embedded data that could be used for further attacks or reverse engineering [1].
Mitigation
As of the report, no official patch has been announced. The vendor should implement proper access controls on the firmware update server, such as requiring authentication or token verification before serving firmware files [1].
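As an added example (not the vendor's code or anything from the report), a minimal server-side check of the kind the Mitigation section calls for: a firmware download endpoint that only serves a file when the request carries a time-limited HMAC token bound to one device and one firmware path. The secret, device id, file path and firmware bytes are all constructed placeholders.

```python
import base64
import hashlib
import hmac
from typing import Optional, Tuple

# Constructed demo values; a real deployment would load the secret from a
# secrets store and the firmware images from controlled storage.
SERVER_SECRET = b"constructed-demo-secret-rotate-in-production"
FIRMWARE_FILES = {"fw/bmw/2.7.1.bin": b"\x7fELF-constructed-demo-firmware"}
SIG_LEN = hashlib.sha256().digest_size  # 32 bytes


def issue_download_token(device_id: str, path: str, expires_at: int) -> str:
    """Issue a token tied to a device, a firmware path and an expiry time.

    The update service would hand this out only to an authenticated app
    session, so the bare download URL alone is no longer enough.
    """
    msg = f"{device_id}|{path}|{expires_at}".encode()
    sig = hmac.new(SERVER_SECRET, msg, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(msg + sig).decode()


def verify_download_token(token: str, path: str, now: int) -> Optional[str]:
    """Return the device id if the token is authentic, unexpired and bound
    to the requested path; return None on any failure."""
    try:
        raw = base64.urlsafe_b64decode(token.encode())
        msg, sig = raw[:-SIG_LEN], raw[-SIG_LEN:]  # fixed-length signature
        device_id, tok_path, exp_str = msg.decode().split("|")
        expires_at = int(exp_str)
    except (ValueError, UnicodeDecodeError):
        return None
    expected = hmac.new(SERVER_SECRET, msg, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):  # constant-time comparison
        return None
    if tok_path != path or expires_at < now:
        return None
    return device_id


def serve_firmware(path: str, token: Optional[str], now: int) -> Tuple[int, bytes]:
    """Simulate GET /<path>: 401 without a valid token, 404 for unknown
    files, 200 with the firmware bytes otherwise."""
    if verify_download_token(token or "", path, now) is None:
        return 401, b""
    data = FIRMWARE_FILES.get(path)
    if data is None:
        return 404, b""
    return 200, data
```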
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 1
Patches: 0 (No patches discovered yet.)
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References: 2
News mentions: 0 (No linked articles in our index yet.)