Is there a SYNC®* 3 Cyber Security Vulnerability?
Lincoln learned from a supplier that a security researcher discovered a vulnerability in the Wi-Fi software driver supplied for use in the SYNC 3 infotainment system. If you are unsure which SYNC generation you have, you can check online if your vehicle is equipped with SYNC 3.
Lincoln provided an initial disclosure of this vulnerability on its website in August 2023. Immediately, and in collaboration with the supplier and security researcher, we began developing and validating measures to address the vulnerability. As-of March 2025, we have seen no evidence that this vulnerability has been exploited, which would likely require significant expertise and include being physically near the vehicle with its ignition and Wi-Fi setting on. If this vulnerability was exploited, however unlikely, it would not affect the safety of vehicle occupants, since the infotainment system is firewalled from controls like steering, throttling, and braking.
Guidance for Cyber Security Vulnerability
To eliminate the vulnerability, Ford has issued a software patch online for download and installation to vehicles via USB. To install this software update, customers can go to www.lincoln.com/support/sync-maps-updates, enter their VIN, and follow the provided instructions. If the vehicle is already at the latest software level, then no additional updates are required.
Alternatively, customers can simply turn off the Wi-Fi® capability through the SYNC® 3 infotainment system’s Settings menu to eliminate the vulnerability. Instructions to turn off Wi-Fi® can be found here.
For more details on this software vulnerability, click here.
Security researchers who want to engage with and report vulnerabilities can do so on the Ford Vulnerability Disclosure Program site.
*Don’t drive while distracted. Use voice-operated systems when possible; don’t use handheld devices while driving. Some features may be locked out while the vehicle is in gear. Not all features are compatible with all phones.