2025-10-24 –, Europe
In this presentation, we share the methodology used during a security audit of the Carplay application. This application exposes services to external car interfaces through Bluetooth and Wi-Fi. Our work focused on identifying vulnerabilities that could lead to compromise the multimedia equipment, by an attacker already connected to the car's Wi-Fi hotspot.
During this analysis, we present how we identified the function responsible for parsing external data sent to the car, how we fuzzed it and discovered a bug already known by Apple (CVE 2023-23494).
Vehicle security is essential due to their longevity and the potential impacts on the physical integrity of their users.
The In-Vehicle Infotainment (IVI) System is an interesting target for an attacker looking for initial access through remote interfaces such as Bluetooth or Wi-Fi. The Carplay application uses Wi-Fi, to allow a user to access iPhone’s services from the IVI (navigation, phone calls, third-party applications such as Spotify...)
Developed by Apple, the application’s source code is not publicly available, and few security analyses have been conducted on it.
In this presentation, we share the methodology used during a security audit of the Carplay application. Our work focused on identifying vulnerabilities that could lead to the compromise of the multimedia equipment, by an attacker already connected to the car's Wi-Fi hotspot.
During this analysis, we present how we identified the function responsible for parsing external data sent to the car, how we fuzzed it and discovered a bug already known by Apple (CVE 2023-23494).
Security researcher at Ampere Software Technology's pentest lab (focus on vulnerability detection in automotive embedded systems).