CODE BLUE 2025

PerfektBlue: Universal 1-click Exploit to Pwn Automotive Industry - Mercedes-Benz, Volkswagen, Skoda

DAY 1

17:00-17:40

This talk covers the PerfektBlue attack: a set of critical memory corruption and logic vulnerabilities found by Mikhail Evdokimov in the BlueSDK Bluetooth stack that can be chained together to obtain over-the-air Remote Code Execution (RCE) on millions of vehicles from different manufacturers. You will be guided through the entire vulnerability research process, from the initial discovery to building a sophisticated exploitation chain that achieves RCE on multiple targets. The session opens with an overview of the Volkswagen, Mercedes-Benz, and Skoda IVI systems, followed by an introduction to the Bluetooth architecture. We then cover the discovery and exploitation phases, describing how a use-after-free (UAF) vulnerability can be turned into an Arbitrary Address Write (AAW) primitive, and how a chain of logic bugs yields the memory leak needed alongside it. Finally, we put it all together to obtain execution of arbitrary functions, leading to RCE on the IVI systems.

  • Location: Track 1 (HALL B)

  • Category: Technical

Speakers

    Mikhail Evdokimov

    ミハイル・エフドキモフ

    Mikhail Evdokimov aka konata is a Senior Security Researcher at PCAutomotive's Security Assessment Team. He specializes in vulnerability research, exploit development, and reverse engineering. His main focus of research is wireless technologies, embedded systems, and kernels.