CVE-2024-51073 identifies a vulnerability in the instrument cluster of the KIA Seltos vehicle, specifically in software and hardware version 1.0. The instrument cluster interfaces with the vehicle's Controller Area Network (CAN) bus, which is critical for communication between various electronic control units (ECUs) in modern vehicles. The vulnerability allows an attacker to potentially control or disrupt CAN communication between the instrument cluster and the CAN bus. This could lead to manipulation or denial of service of vehicle functions that rely on CAN messages, potentially affecting vehicle safety and operational integrity. The findings stem from tests conducted on an isolated ECU component, not within a fully integrated vehicle environment, leading the supplier to dispute the vulnerability's practical exploitability. The observed behavior reportedly complies with the Unified Diagnostic Services (UDS) protocol, which governs diagnostic communication in vehicles. The CVSS 3.1 score of 6.7 reflects a medium severity, with attack vector classified as physical (AV:P), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), and a scope change (S:C). The impact includes low confidentiality and integrity loss but high availability impact, indicating potential denial of service or disruption of vehicle functions. No patches or known exploits are currently available, and the vulnerability was published on November 22, 2024.

The potential impact of CVE-2024-51073 is significant for vehicle safety and reliability. If exploited, attackers could disrupt or manipulate CAN bus communication, potentially causing malfunctions in vehicle instrumentation, warning systems, or other critical electronic functions. This could lead to unsafe driving conditions, loss of driver information, or vehicle immobilization. For organizations, this vulnerability poses risks to automotive manufacturers, suppliers, dealerships, and fleet operators who rely on the affected KIA Seltos models. Disruption of vehicle systems could result in increased warranty claims, reputational damage, and regulatory scrutiny. Although exploitation requires physical access to the vehicle's CAN bus, sophisticated attackers or insiders could leverage this to cause targeted disruptions. The lack of known exploits in the wild reduces immediate risk, but the medium CVSS score and potential safety implications necessitate proactive attention.

To mitigate this vulnerability, organizations should first verify the applicability of the findings within real-world vehicle environments by collaborating with the supplier and conducting integrated vehicle testing. Monitoring CAN bus traffic for unusual or unauthorized messages can help detect attempted exploitation. Physical security controls should be enhanced to prevent unauthorized access to the vehicle's internal networks, including securing diagnostic ports and ECUs. Automotive service centers and fleet operators should be trained to recognize signs of CAN bus tampering or malfunction. The supplier should be engaged to provide firmware or software updates if further validation confirms the vulnerability. Additionally, implementing anomaly detection systems within vehicle networks and employing secure diagnostic protocols can reduce the risk of exploitation. Finally, maintaining an incident response plan for automotive cybersecurity events will help organizations respond effectively if exploitation occurs.