LvRob
I see you've got experience in the NIST standard for IT network technology. I, on the other hand, have 30 years of experience in writing firmware in real-time operating systems and in Linux operating systems. Most of my time has been in the Wi-Fi space writing device drivers, correcting device drivers, debugging and diagnosing security issues in these types of products. Thus those are my credentials. So when I say that I am a professional in this space, I mean I am a hands-on engineer, masters in electrical engineering, CISSP, patents under my name and knowledge of what it takes to take advantage of this type of issue.
Next, let's look at the set of steps that I indicated must happen in order to take advantage of this vulnerability. You didn't question that set of steps. As a person who professionally manages vulnerabilities using threat modeling and attack trees, those are the tools I can use to show the degree of complexity at the system level. That's what I'm referring to in the set of steps that are necessary. Neither the CVSS score nor the report from Ford indicates the level of detail necessary to cause this issue to actually occur under the control of an attacker. That bigger picture view is what I do for a living.
In the embedded world, the CVSS score must be rescored based on the environment of use. It has serious flaws when applied to a device driver issue because a device driver can be used in widely different environments. This again I know from my professional experience.
I'm offering up my professional experience to show that what has been provided by Texas Instruments and provided by Ford in detail gave me enough information to picture what has to happen to take advantage of this vulnerability. This CVE is not low-hanging fruit and this is not an easy-to-achieve exploit. As you can see by the fact this is a driver issue, there are layers of other defenses an attacker must penetrate to get to the vehicle using the vehicle Wi-Fi.
I read through the source code provided by Texas Instruments as well as their patch proposal and it is a typical logic flaw.
So now I put it back on you. You have offered your professional opinion about my professional opinion. Yet, you admit you don't know the details of the embedded world nor the details of what it takes to create such an exploit. I agree we can agree to disagree. I will also await further news. However, given how difficult it is to get a fully tested device driver fix and then get it distributed to a large pool of impacted vehicles, my goal was to assure people about the bounds of this problem.
I'm sure you have your credentials in your portion of the cyber security world, but from my perspective this issue is not in your area of expertise.
(Edited for multiple speech to text issues...)