Ford vehicles with SYNC 3 vulnerability

The vulnerability is tracked as CVE-2023-29468. As you can see, FORD, isn't allowing this CVE to be viewed in detail. My vehicle is on this listing. I have disabled ALL Wifi capabilities on the vehicle accordingly. This does NOT affect bluetooth for cellular devices nor your Sirius XM capabilities. If you have one of the named vehicles and the year models show I suggest doing the same. DON'T expect FORD to get any patch for USB devices to customers anytime soon, If ever, and with instructions which are fool proof. This SHOULD be done via a recall and having a dealer patch the systems. Not the end user, that is just tacky as it gets from a major auto manufacturer. 

https://www.bleepingcomputer.com/news/security/ford-says-cars-with-wifi-vulnerability-still-safe-to-drive/

SYNC3 is a modern infotainment system that supports in-vehicle WiFi hotspots, phone connectivity, voice commands, third-party applications, and more.

The particular system is used in the following car models:

  • Ford EcoSport (2021 – 2022)
  • Ford Escape (2021 – 2022)
  • Ford Bronco Sport (2021 – 2022)
  • Ford Explorer (2021 – 2022)
  • Ford Maverick (2022)
  • Ford Expedition (2021)
  • Ford Ranger (2022)
  • Ford Transit Connect (2021 – 2022)
  • Ford Super Duty (2021 – 2022)
  • Ford Transit (2021 – 2022)
  • Ford Mustang (2021 – 2022)
  • Ford Transit CC-CA (2022)