Vulnerabilities in Lexus and Toyota Cars Expose Them to Hacker Attacks - Cybers Guards

Research into the AVN (Audio, Visual and Navigation) system in the 2017 Lexus NX300 (the same device is also used in other models, including the LS and ES series) revealed security issues with the system’s Bluetooth and vehicle diagnostics functions. The system will automatically connect the DCU to a Wi-Fi hotspot and spawn an interactive root shell, allowing an attacker to send arbitrary CAN messages to the CAN bus wirelessly. However, the precise technical details relating to these vulnerabilities will only be published next year, the researchers say.

The Chinese researchers leveraged two vulnerabilities to attack the in-vehicle Bluetooth service and achieve remote code execution with root privileges on the DCU platform. The Lexus AVN is composed of the DCU (Display Control Unit) and the MEU (Multimedia Extension Unit for Maps), with the DCU’s mainboard exposing attack surfaces such as Wi-Fi, Bluetooth, and USB interfaces. The DCU also communicates with internal ECUs over CAN messages. These vulnerabilities may be abused to compromise the AVN and the internal CAN network and related electronic control units (ECUs), according to Keen Security Lab.

In addition, the researchers say they were able to take control of the AVN unit wirelessly without user interaction, then inject malicious CAN messages to trigger “physical actions” in the vehicle. An affected car’s Bluetooth MAC address can be sniffed over the air using the well-known “Ubertooth One” tool if the DCU system has previously been paired with a mobile phone. They then used this to bypass an existing filtering mechanism for CAN messages. Malicious code can be installed on the DCU via the Bluetooth software, and it will persist on the device permanently.
Because of these flaws, exploitation over Bluetooth is “completely touchless and interaction-less at proximity,” explains Keen Security Lab. The DCU system does not support secure boot, which allowed the researchers to re-flash the uCOM board with malicious firmware. Toyota says exploiting these bugs requires not only expertise with the multimedia system software but also a special tool and proximity to the vehicle during the attack. The issues include an out-of-bounds heap memory read and a heap buffer overflow, both occurring before pairing, in the process of establishing a Bluetooth connection.

Toyota, which acknowledged the presence of these vulnerabilities, says certain Toyota vehicles are also affected through the use of “specific multimedia units.” The company has introduced measures to address the vulnerabilities on the production line and says the affected in-market vehicles will receive a software update.
