Preface: ISO/SAE 21434 describes Threat Analysis and Risk Assessment (TARA) to assess the cybersecurity risks in the product. ISO/SAE 21434 stresses the importance of executive management’s commitment to cybersecurity by providing specific guidelines for those responsibilities.
Background: The iLX-F905D Alpine Halo9 is the second generation of the Halo product line, featuring a 9-inch high-resolution WXGA touchscreen that is compatible with virtually any vehicle with a 1DIN or 2DIN mounting base. Halo9 capable wireless Apple CarPlay and Android Auto (wired) compatibility, DAB+ digital radio, USB video playback, Hi-Res Audio playback, Bluetooth hands-free and audio streaming.
Vehicle Data-bus Connection – If your car is equipped with parking sensors and, you can continue to use these convenient functions with your iLX-F905D. Alpine offers many vehicle data-bus interfaces to connect your Alpine Halo9 to your vehicle’s data-bus system. This enables compatibility with your vehicle’s steering wheel control buttons, display of air conditioning settings as well parking sensor display.
Vulnerability details: This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability.
The specific flaw exists within the DecodeUTF7 function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.
Official announcement: Please refer to the vendor announcement for details – https://www.zerodayinitiative.com/advisories/ZDI-24-848/