TOYOTA CITY: Toyota's engagement with Keen Security Lab (Keen Lab), a globally renowned cybersecurity research lab of Tencent, has led to discovery of certain vulnerabilities in some Toyota and Lexus models.
Based on Toyota's investigation, operation of certain vehicle functions in certain Lexus and Toyota vehicles equipped with particular multimedia units could occur if the identified vulnerabilities in the Bluetooth function are exploited.
The vulnerability findings and exploit process, as described by Keen Lab, do not control steering, braking, or throttle.
The exploitation of these vulnerabilities requires specific knowledge and expertise of the multimedia system software, a special tool, and maintaining close proximity to a vehicle for an extended period during any attempt to compromise the multimedia system.
Toyota believes that exploiting these vulnerabilities in the manner developed by Keen Lab is extremely sophisticated, and the likelihood of this condition to occur in the real world is limited.
Toyota has already implemented measures to address the vulnerabilities in the vehicles currently being produced. For certain in-market vehicles equipped with the specific multimedia units, owners can update the software.
Toyota acknowledges Keen Lab's contribution in identifying this vulnerability. Toyota takes the discovery by Keen Lab seriously and will continue to enhance the cyber protections of its vehicles.
