BMW has patched a jarring flaw allowing hackers to exploit internet of things-enabled doors to gain access to over 2.2m of the firm’s latest cars.
The German car manufacturer has released an update to its ConnectedDrive car connectivity system to protect it from hacking and malware which could have effectively opened car doors to attackers.
The flaw was first discovered by the German Automobile Association (ADAC) which kept it under wraps until BMW corrected it six months later.
BMW released a statement saying: “BMW Group is increasing the security of data transmission in its vehicles. This is the company’s response to reports from the German Automobile Association (ADAC). The motorist’s association had identified a potential security gap when data is transmitted. The BMW Group has already closed this gap with a new configuration.
“The experts from the ADAC had put the company through a strategic review as market leader in vehicle networking. This check revealed a potential security gap affecting the transmission path via the mobile phone network. BMW Group hardware was not impacted.”
The update was carried out automatically when affected vehicles first connected to the BMW Group server.