Potential Hacking into your Ford Bronco

Los · Jan 13, 2023

Greetings everyone,
So I was reading, how hackers are accessing, just about every new vehicle that's connected to the various apps that we like to use. (WI FI)

I just copied what is relevant to Fords and pasting on our forum. So here it goes.

Ford
(Full memory disclosure on production vehicle Telematics API discloses
Discloses customer PII and access tokens for tracking and executing commands on vehicles
Discloses configuration credentials used for internal services related to Telematics
Ability to authenticate into customer account and access all PII and perform actions against vehicles
Customer account takeover via improper URL parsing, allows an attacker to completely access victim account including vehicle portal).

So I wonder if FORD has a plan to protect us customers from becoming victims, do they have software protection, you know like PC's have anti virus and anti hacking software.

cbrenthus · Jan 13, 2023

Ogre · Jan 14, 2023

I think the biggest risk here is people using unverified/ 3rd party apps or trying to connect their bronco to public wifi. Use it as is intended, music and maps, and you'll be fine.

nothingface · Jan 14, 2023

Sounds like a similar or the same article I recently saw. It was light on the details, so unclear exactly how much of a threat it really is. Could be terrible, could be no big deal.

Also of note, my impression was that the attack was on the API to Ford's servers, using the mechanism that the Fordpass app uses. I do not believe it was a direct attack on on the vehicle. In which case, there's nothing a vehicle owner can do about this other than disable the modem, or better yet, simply pull the fuse to the modem. Been thinking about hardwiring a modem kill switch for this very reason.

Scott R Nelson · Jan 14, 2023

Los said:
So I wonder if FORD has a plan to protect us customers from becoming victims, do they have software protection, you know like PC's have anti virus and anti hacking software.

You can protect yourself by turning it off. I did that with mine. I didn't want it updating software without my approval, and didn't want the possibility for someone else accessing something remotely. Yes, I had to give up remote start from the Ford Pass App, but that's a minor thing.

MayhemMike · Jan 14, 2023

It is things such as this that make it good to be a ignorant tech geezer.

Stick in the Mud · Jan 14, 2023

If you’re that worried, do a master reset and don’t turn on ford pass. Or if you’re super paranoid, unplug the modem.

Potential Hacking into your Ford Bronco

Los

Well-Known Member

cbrenthus

Well-Known Member

Ogre

Well-Known Member

nothingface

Member

Scott R Nelson

Well-Known Member

MayhemMike

Well-Known Member

Stick in the Mud

Banned

Similar threads