Infotainment Security

IVI

In-Vehicle Infotainment (IVI) systems run full operating systems (Android, QNX, Linux) and provide numerous attack surfaces including Bluetooth, WiFi, and USB.

Attack Surfaces

Wireless

  • Bluetooth pairing attacks
  • WiFi AP exploitation
  • Cellular modem
  • NFC (if present)

Physical

  • USB ports (malicious devices)
  • SD card (firmware updates)
  • Debug ports (UART, JTAG)
  • App installation

Bluetooth Attacks

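ivi-attacks.sh (bash)
# Bluetooth scanning
hcitool scan
# bluetoothctl is interactive by default; passing the command as an
# argument runs the same "scan on" without opening the prompt
bluetoothctl --timeout 15 scan on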

# Check for BlueZ vulnerabilities
# BlueBorne, KNOB attack, etc.

# Bluetooth audio injection
# Some systems accept audio from unauthenticated sources

# Exploit Android-based IVI
# Standard Android vulns may apply
# Check for debug builds, unlocked bootloaders

# USB attacks
# Malicious USB devices
# USBKill
# BadUSB for HID injection

# Firmware extraction
# Monitor for update files
# Analyze SD card update mechanism
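
The "check for debug builds, unlocked bootloaders" step above, as an added example that is not part of the original page: a script that audits a saved `adb shell getprop` dump from an Android-based IVI. The sample dump is constructed, and the release baseline values are an assumption about a locked production build.

```bash
# Added example: audit a saved `adb shell getprop` dump from an Android-based
# IVI for debug-build and unlocked-bootloader indicators.

# Constructed sample dump (not captured from a real head unit).
sample_getprop() {
  cat <<'EOF'
[ro.build.type]: [userdebug]
[ro.build.tags]: [test-keys]
[ro.debuggable]: [1]
[ro.secure]: [1]
[ro.adb.secure]: [0]
[ro.boot.verifiedbootstate]: [orange]
[ro.boot.flash.locked]: [0]
[ro.product.model]: [example-ivi]
EOF
}

# Reads a getprop dump on stdin, prints one FINDING line per property that
# differs from the assumed release baseline, and returns non-zero if any did.
# Properties missing from the dump are not flagged.
audit_getprop() {
  # Normalise "[key]: [value]" to "key=value".
  sed -n 's/^\[\([^]]*\)]: \[\(.*\)]$/\1=\2/p' | {
    findings=0
    while IFS='=' read -r key val; do
      case "$key" in
        ro.build.type)             want=user ;;          # not userdebug/eng
        ro.build.tags)             want=release-keys ;;  # not test-keys
        ro.debuggable)             want=0 ;;
        ro.secure)                 want=1 ;;
        ro.adb.secure)             want=1 ;;             # adb requires host key auth
        ro.boot.verifiedbootstate) want=green ;;         # orange = unlocked bootloader
        ro.boot.flash.locked)      want=1 ;;
        *) continue ;;                                   # property not audited
      esac
      if [ "$val" != "$want" ]; then
        echo "FINDING $key=$val (release baseline: $want)"
        findings=$((findings + 1))
      fi
    done
    [ "$findings" -eq 0 ]
  }
}

# Run against the constructed sample; a real review would pipe in a saved dump.
sample_getprop | audit_getprop || echo "build is not release-hardened"
```

A non-zero exit status makes the function usable as a gate in a build or acceptance pipeline for head-unit images.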

CAN Gateway

IVI systems often connect to the CAN bus through a gateway. Compromising the IVI may allow pivoting to vehicle control systems.