On 20th August 2019, we published a news article on our website that was intended to highlight a vulnerability which affected Messerschmitt “Mobile Key” door locks.
The article was written in good faith and was based on the previously released research conducted by Chaos Computer Club that was presented publicly at Black Hat USA 2019.
Recently, we have been contacted by Messerschmitt GmbH, who advised us that our article was factually incorrect and, as confirmed by the CCC article, could be considered misleading in the way that it was written.
From discussions with Messerschmitt GmbH (and confirmed by the CCC article content), we now understand that we wrongly implied in our article that any Messerschmitt lock in a hotel can be opened through this vulnerability and that it is possible to generate a “Mobile Key” without “sniffing” a compromised “Mobile Key” of a guest door.
We have since been advised by Messerschmitt GmbH that the vulnerability disclosed by CCC would only allow a single guest room door lock to be compromised and that this would only be possible if an attacker was able to “sniff” the Bluetooth data between the lock and a compromised “Mobile Key” during the valid period of the guest key. We now understand that in reality, the likelihood of this vulnerability being exploited “in-the-wild” is very low, due to the attack being reliant on the hotel having a compromised “Mobile Key” and the attacker having sufficient time to capture enough data for the attack to be possible.
While we make every effort to ensure that our articles are technically accurate, we want to take this opportunity to apologise publicly to Messerschmitt GmbH for the misunderstanding that may have been perceived in our article and in our interpretation of the original CCC publication.