Exploitation of Remote Services in In-Vehicle Network

Adversaries may exploit remote services in In-Vehicle network to gain unauthorized access to internal systems once inside of the vehicle. Exploitation of a software vulnerability occurs when an adversary takes advantage of a programming error in a program, service, or within the operating system software or kernel itself to execute adversary-controlled code. A common goal for post-compromise exploitation of remote services is for lateral movement to enable access to a remote system.

This technique leverages the interconnected nature of vehicle systems and services, which often communicate with each other to perform functions essential to the vehicle's operation. Just as with traditional computing environments, vehicles can be designed with various networked components and services, including infotainment units, telematics, and onboard diagnostic systems that may provide an avenue for lateral movement.

ID: T2054
Sub-techniques:  No sub-techniques
Version: 1.0
Created: 03 December 2023
Last Modified: 03 December 2023

Mitigations

This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.