Research into the AVN (Audio, Visual and Navigation) system in the 2017 Lexus NX300 — the same device is also used in other models, including the LS and ES series — revealed security issues in the car's Bluetooth and vehicle diagnostics functions. Those vulnerabilities may be abused to compromise the AVN and the internal CAN network and related electronic control units (ECUs), according to Keen Security Lab. The researchers also say they were able to take control of the AVN unit wirelessly without user interaction, and then inject malicious CAN messages to trigger "physical actions" in the vehicle. However, the exact technical information related to these vulnerabilities will only be published next year, the researchers said.

The Lexus AVN is composed of the DCU (Display Control Unit) and the MEU (Multimedia Extension Unit for maps), with the DCU's mainboard exposing attack surfaces such as Wi-Fi, Bluetooth, and USB interfaces. The DCU also interacts with internal ECUs over CAN messages.

The Chinese researchers leveraged two vulnerabilities to attack the in-vehicle Bluetooth service and gain root privileges for remote code execution in the DCU system. The issues are an out-of-bounds heap memory read and a heap buffer overflow, both occurring before pairing, in the process of creating Bluetooth connections. Because of these flaws, exploitation of Bluetooth is "totally touchless and interaction-less at close proximity," explains Keen Security Lab. An affected car's Bluetooth MAC address might be sniffed over the air using the well-known "Ubertooth One" tool if the DCU system has previously paired with mobile phones.

The DCU system does not support secure boot, which allowed the researchers to re-flash the uCOM board with malicious firmware. They then used this to bypass an existing filtering mechanism for CAN messages. Malicious code can be installed on the DCU via the Bluetooth service, and it will remain on the device permanently. That code will automatically connect the DCU to a Wi-Fi hotspot and spawn an interactive root shell, allowing an attacker to send arbitrary CAN messages to the CAN bus wirelessly.

Toyota, which acknowledged the presence of these vulnerabilities, says certain Toyota vehicles are also affected because they use "specific multimedia units." Toyota says exploiting these issues requires not only expertise in the multimedia system software but also a special tool and proximity to the vehicle during the attack. The company has introduced measures to address the vulnerabilities on the production line and says affected in-market vehicles will receive a software update.
Vulnerabilities in Lexus and Toyota Cars Expose Them to Hacker Attacks | Cybers Guards