PCA Cyber Security researchers have uncovered a set of critical vulnerabilities in the widely used Blue SDK Bluetooth stack, exposing millions of vehicles and smart devices to serious privacy and safety threats.
The vulnerabilities, collectively named “PerfektBlue,” affect software developed by OpenSynergy, which is embedded in products from major manufacturers such as Mercedes-Benz, Skoda, Volkswagen, and various mobile and gadget makers.
According to PCA, the PerfektBlue chain could allow remote attackers to execute code on targeted devices. This could lead to GPS tracking, in-car audio recording, access to phonebook data, and even unauthorized control over vehicle functions like steering, horn, and windshield wipers, posing a severe risk to users’ safety and privacy.
At least 69 major international companies are believed to be impacted. PCA responsibly disclosed the flaws to OpenSynergy, which confirmed the issues and has since released patches. The company also committed to informing all affected vendors.
The research has now been published after a grace period to allow time for notification and remediation across the complex global supply chain.