DEF CON Reveals Critical Smart Bus Security Flaws

At DEF CON, Trend Micro’s Chiao-Lin “Steven Meow” Yu and CHT Security’s Kai-Ching “Keniver” Wang showed that smart buses can be remotely compromised. They found that the same M2M router powers both free Wi-Fi and in-vehicle controls, and by bypassing its weak authentication, they accessed ADAS and APTS functions due to a lack of network segmentation. The researchers uncovered command injection flaws and an MQTT backdoor that grants full control over bus operations. Exploits could allow attackers to track real-time locations, hijack cameras, manipulate displays, and falsify critical GPS or engine data to disrupt services.

Read more:

https://www.securityweek.com/free-wi-fi-leaves-buses-vulnerable-to-remote-hacking/