A team of three security researchers has found and disclosed two security flaws in the TCU (telematics control unit) components that ship with various luxury car models. The flaws are a buffer overflow in TCU s component that processes AT commands (CVE-2017-9647), and a flaw that allows attackers to execute code via one of the TCU’s inner components (baseband radio processor) Ford, BMW, Infiniti, Nissan, and BMW models use vulnerable TCUs. Car makers said the flaws only allow attackers access to the car’s infotainment system, but not to critical car functions.
Source: https://www.bleepingcomputer.com/news/security/security-flaws-found-in-2g-modems-used-by-bmw-ford-infiniti-and-nissan-cars/