Vulnerability Analysis of an Automotive Infotainment System's WIFI Capability

Automobiles of the current era are heavily computerized which makes them highly susceptible to attacks that were unheard of with traditional automobiles. In the past with traditional automobiles, one would require physical access to the automobile to compromise it. Today however, computerization has allowed remote accessibility of automobiles. Remote compromise is feasible by utilizing a vast range of attack vectors such as mechanics tools, automotive infotainment system, Bluetooth and cellular radios etc. In addition, wireless communication channels have made it possible to have long distance vehicle control, location tracking, in-cabin audio ex filtration etc. One of the electronic components in a modern automobile is its automotive infotainment system. This paper focuses on identifying the vulnerabilities of the automotive infotainment system with respect to its WIFI capabilities by conducting structured vulnerability tests on the WIFI capabilities of an automotive infotainment system. To do this, we analysed the WIFI attack surface and constructed test environments and used appropriate tools such as (Nmap (open port scan), Nessus (vulnerability scan), Metasploit) to generate a penetration testing plan to search for vulnerabilities. The vulnerability findings are well documented in this paper.