Volkswagen’s 5G chips susceptible to hacking

FOLLOWING a global rash of computer hacking episodes comes news this week that Samsung Exynos Auto T5123 chips found in a number of Volkswagen Group models are vulnerable to hacking, with potentially serious portents for vehicle owners.

Hackers would have access to all information contained on the chip through connections to linked devices such as phones, tablets, laptops, and so on, and may even be able to disable a vehicle remotely by sending it a text message.

The news comes less than two years after technology giant inked a deal with Volkswagen Group to supply its latest generation Exynos automotive computer chips and is thought to affect at least three primary microprocessors used in a range of models.

First is the Exynos Auto V7 chip used for comprehensive in-vehicle infotainment systems and a component of Volkswagen’s latest in-car application server, the second is the Exynos S2VPSO1 chip for power management, and the third Exynos Auto T5123 is for fifth generation (5G) mobile device connectivity.

GoAuto asked Volkswagen Australia which models were affected by the insecure chips but was unable to ascertain a response.

Upon release, Samsung executive vice president Park Jae-hong said the chips would provide “smarter and more connected automotive technologies for enriched in-vehicle experiences, including entertainment, safety and comfort are becoming critical features on the road”.

“With an advanced 5G modem, an AI-enhanced multi-core processor and a market-proven PMIC (Power Management Integrated Circuit) solution, Samsung is transfusing its expertise in mobile solutions into its automotive line up and is positioned to expand its presence within the field,” he said in November 2021.

For the technically attuned, the T5123 Exynos Auto T5123 chipset brings fast data connectivity to cars so that users can stay connected, stream high-definition videos, or even play online games while on the go.

The chipset supports both SA (Standalone) and NSA (Non-Standalone) 5G networks and offers a maximum download speed of up to 5.1Gbps. The chipset features two ARM Cortex-A55 CPU cores, LPDDR4X RAM, GPS, and compatibility with the PCIe interface.

But according to a report published by Google’s Project Zero security team – a group of security researchers at Google who study zero-day vulnerabilities in hardware and software systems and ways to significantly improve the safety and security of the Internet – Samsung’s Exynos chips “are super vulnerable right now”.

The Project Zero team discovered a flaw in the units that could allow remote attack by hackers using an execute code via SMS to an unpatched device. In other words, a takeover of the vehicle’s system can be executed with little more than an owner’s mobile telephone number.

In total, the Project Zero team identified 18 zero-day vulnerabilities in Exynos modems, with the four most severe being able to execute remote code via SMS.

“Tests conducted by Project Zero confirm that those four vulnerabilities allow an attacker to remotely compromise a phone at the baseband level with no user interaction and require only that the attacker know the victim’s phone number,” said Google Project Zero spokesperson Tim Willis.

“With limited additional research and development, we believe that skilled attackers would be able to quickly create an operational exploit to compromise affected devices silently and remotely.”

The vulnerability doesn’t only apply to the Volkswagen Group supplied automotive chips. Mr Willis said numerous Samsung mobile devices are also implicated, including those in the S22, M33, M13, M12, A71, A53, A33, A21s, A13, A12 and A04 series.

Mobile devices from Vivo, including those in the S16, S15, S6, X70, X60 and X30 series, and the Pixel 6 and Pixel 7 series of devices from Google, are also understood to be affected.

Given the Exynos Auto microprocessors are used by other vehicle manufacturers, it is also likely vehicles other than those produced by the Volkswagen Group may be impacted by the flaw.

The investigation continues.