NHTSA ID Number: 10165273
Manufacturer Communication Number: M650219
TSB/Document Date: 2019-09-23
Summary
SECURITY IMPROVEMENTS FOR HEAD UNITS. Security patches for non-safety critical vulnerabilities in MINI
head units Entry Nav Entry Media NBT and NBT EVO.
9/4/2019
65 02 19_SECURITY IMPROVEMENTS FOR HEAD UNITS
SIM 65 02 19
SECURITY IMPROVEMENTS FOR HEAD UNITS
2019-08-28
MODEL
F54 (MINI Clubman)
F55 (MINI Hardtop 4
Door)
F56 (MINI Hardtop 2
Door)
F57 (MINI Convertible)
F60 (MINI Countryman)
Only Model Years 2014 to 2018 are affected.
SITUATION
Security vulnerabilities in MINI infotainment control units have been identified in vehicles equipped with ID4
(either Entry Nav, Entry Media, or NBT) and ID5/ID6 (NBT EVO) head units.
Note: Entry EVO Nav or Entry EVO Media are not affected.
CAUSE
A Chinese cybersecurity research team Tencent Keen Security Lab (“Tencent”) examined various MINI
models for potential security vulnerabilities from January 2017 to February 2018. They identified and informed
the BMW Group of total of 14 vulnerabilities, five of them remotely via a mobile communications base station
that was set up specifically for the research work.
MINI vehicles are not affected by these remotely exploitable vulnerabilities, but by other vulnerabilities
requiring an attacker to have physical access to a vehicle.
In addition to the measures already implemented via the ConnectedDrive back end, a software update is
available depending on the head unit generation.
CORRECTION
Check and update head unit software
Install KISU update (Customer Initiated Software Update) depending on the head unit installed as
outlined in the procedure below
A Question & Answer document is attached.
PROCEDURE
Review and perform this procedure only on vehicles equipped with ID4 (either Entry Nav, Entry Media, or
NBT) and ID5/ID6 (NBT EVO) head units.
1. Check the I-level of the vehicle (AIR, Key read or Remote Key Read). Make note of the I-level.
2. Perform a vehicle test with ISTA. Once the vehicle test is performed, hover your mouse pointer
over the head unit as shown below. This provides the following details:
Copyright ©2019 MINI USA, a division of BMW of North America, LLC. All Rights Reserved
1/6
9/4/2019
65 02 19_SECURITY IMPROVEMENTS FOR HEAD UNITS
a. The head unit variant installed in the vehicle (arrow)
b. The HWEL (hardware electronics) number.
If the vehicle is equipped with an RSE (Rear Seat Entertainment), also check the last numbers
starting with “RSE…” in the respective column below.
3.
Is the HWEL version readout from the vehicle listed below for the corresponding head unit?
ID4 Entry Nav / Entry
Media
HWEL-0000116C
HWEL-0000116E
HWEL-00001703
HWEL-00001704
HWEL-00001705
HWEL-00001706
HWEL-000019F9
HWEL-000019FA
HWEL-000019FC
HWEL-0000274C
HWEL-0000274D
HWEL-0000274E
HWEL-0000274F
HWEL-00002750
ID4 HU-H & HU-H Rear
Seat Entertainment
(RSE)
HWEL-00000DF5
HWEL-00000DF6
HWEL-00000DF7
HWEL-00000DF8
HWEL-00000DFF
HWEL-00001018
HWEL-00001019
HWEL-0000101A
HWEL-00001294
HWEL-00001295
HWEL-00001296
HWEL-000018C2
HWEL-000018C3
HWEL-00001A41
ID4 HU-H (EVO)
HWEL-000022E3
HWEL-000022E4
HWEL-000022E5
HWEL-000022E6
HWEL-000022E7
HWEL-000022E8
HWEL-000031DC
HWEL-000031DD
HWEL-000031DE
HWEL-000031DF
HWEL-000031E0
HWEL-000031E1
ID5 / ID6 NBTEVO &
Rear Seat
Entertainment (RSE)
HWEL-00002479
HWEL-0000247A
HWEL-0000247B
HWEL-000026B9
HWEL-000026BA
HWEL-000026BB
HWEL-00002AB8
HWEL-00002AB9
HWEL-00002C14
HWEL-00002FC2
HWEL-00002FC3
HWEL-00002FC4
HWEL-00002FC5
HWEL-00003A09
Copyright ©2019 MINI USA, a division of BMW of North America, LLC. All Rights Reserved
2/6
9/4/2019
65 02 19_SECURITY IMPROVEMENTS FOR HEAD UNITS
HWEL-00002753
HWEL-00002754
HWEL-00001170
HWEL-00001707
HWEL-00001708
HWEL-00001709
HWEL-000019F7
HWEL-000019F8
HWEL-000019FB
HWEL-00002746
HWEL-00002747
HWEL-00002748
HWEL-00002749
HWEL-0000274A
HWEL-0000274B
HWEL-00002751
HWEL-00002752
HWEL-00002755
HWEL-00001A42
HWEL-00001A43
HWEL-00001A44
HWEL-00001A45
RSE HWEL-00000E66
RSE HWEL-00000F5E
RSE HWEL-00000F5F
HWEL-00003A0A
HWEL-00003A0B
HWEL-00003A0C
HWEL-00003A0D
HWEL-00003A0E
RSE HWEL-00001EF7
RSE HWEL-00001EFB
a. Yes: Proceed to the steps below relating to the specific head unit installed in the vehicle being
serviced.
b. No: No further action is needed because the control module installed in the vehicle is not affected.
Steps for ID4 (Entry Nav, Entry Media, HU-H & HU-H EVO) head units
4. Was the vehicle last treated with ISTA 4.16.1 or higher, and is the I-level 19-03-5xx or higher??
5. YES: The vehicle already has the software that provides the vehicle with added security measures
installed. Continue with step 7 below.
6. NO: Program and encode the vehicle using ISTA 4.16.1 or higher (released early March, 2019).
7. Download and install the “Customer initiated update software” (KISU software) in the vehicle.
a. Refer to the instructions below “updating KISU data”
Steps for ID5 / ID6 NBT EVO (HU-H2) head unit:
8. Was the vehicle last treated with ISTA 4.01.1 or higher and is the I-level 16-07-500 or higher??
9. YES: The vehicle already has the software that provides the vehicle with added security measures.
No further actions required.
10. NO: Program the vehicle with ISTA 4.01.1 or higher.
Note:
ISTA will automatically reprogram and code all programmable control modules that do not have
the latest software
Always connect a MINI approved battery charger/power supply (SI M04 08 09)
Copyright ©2019 MINI USA, a division of BMW of North America, LLC. All Rights Reserved
3/6
9/4/2019
65 02 19_SECURITY IMPROVEMENTS FOR HEAD UNITS
For information on programming and coding with ISTA, refer to CenterNet / TIS / Technical
Documentation / Vehicle Programming
Steps for installing the Customer-initiated software update (KISU)
Downloading Customer-initiated software update on to a USB.
1. Prerequisites:
- USB stick with at least 500 MB of free memory and formatted as FAT16, FAT32 or NTFS filesystem.
- Access to a computer with internet access.
- The 17-digit vehicle identification number (VIN) of the customer vehicle.
2. Download the software:
- Open the website: https://www.bmw.com/update
- Enter the 17-digit vehicle identification number (VIN).
- If the update is available, download the software (example: UPD 09042.bin) onto the USB stick.
3. Installation in the vehicle – updating of head unit:
- Vehicle must have the minimum I-level specified in this bulletin.
- Connect the USB in the center console of the vehicle.
- Then install the software in the vehicle ("iDrive settings" / "Software update").
WARRANTY INFORMATION
Covered, one-time as described above, under the terms of the MINI New Passenger Car Limited Warranty.
Defect Code:
8411900100
Fx Security enhancements for head units
The vehicle is already in the workshop, or if applicable, completion before the first delivery of the
vehicleWork Pkg
Labor Operation
Description (Plus work)
Labor Allowance
#1
00 66 667
Programming and encoding the vehicle only
(includes connecting an approved battery
charger/power supply and performing a vehicle
test)
Refer to AIR
00 66 668
Programming and encoding the vehicle (includes
connecting an approved battery charger/power
supply and performing a vehicle test) and installing
customer-initiated software update (KISU data)
Refer to AIR
00 66 669
Installing customer-initiated software update (KISU Refer to AIR
data) (The vehicle is already at the specified Target
integration level or higher)
Or:
#2
Or:
#3
Copyright ©2019 MINI USA, a division of BMW of North America, LLC. All Rights Reserved
4/6
9/4/2019
65 02 19_SECURITY IMPROVEMENTS FOR HEAD UNITS
If you are using a Main labor code for another repair, use the Plus code labor operation above that applies
instead of the Main labor code.
Or:
The vehicle arrives at your center, this action applies and it has not been previously performed (No
other Main work will be performed/claimed during this workshop visit)Work Pkg
Labor Operation
Description (Main work)
Labor Allowance
#4
00 66 090
Programming and encoding the vehicle only
(includes connecting an approved battery
charger/power supply and performing a vehicle
test)
Refer to AIR
00 66 091
Programming and encoding the vehicle (includes
connecting an approved battery charger/power
supply and performing a vehicle test) and installing
customer-initiated software update (KISU data)
Refer to AIR
00 66 092
Installing customer-initiated software update (KISU Refer to AIR
data) (The vehicle is already at the specified Target
integration level or higher)
Or:
#5
Or:
#6
Refer to AIR for the corresponding flat rate unit (FRU) allowances.
During the same workshop visit, if a vehicle also requires another Technical Campaign or repair that also
includes programming and encoding the control units, the programming procedure may only be
invoiced one time.
Claim Repair Comments
Unless additional related/in conjunction work was required (not addressed and/or included in one of the
options provided above), then only reference the SIB number and the work package (Pkg) number performed
in the RO technician notes and in the claim comments (For example: M65 02 19 WP 1), unless otherwise
required by State law.
Programming and Encoding - Vehicle Control Units (RO and Claim Comments Required)
The programming procedure automatically reprograms and encodes all vehicle control modules which do not
have the latest software i-level. If one or more control module failures occur during this programming
procedure:
Please claim this consequential control module-related repair work under the defect code listed in this
bulletin with the applicable AIR labor operations.
Please explain this additional work (The why and what) on the repair order and in the claim comments
section.
For control module failures that occurred prior to performing this programming procedure:
When covered under an applicable limited warranty, claim this control module-related repair work using
the applicable defect code and labor operations (including diagnosis) in AIR.
Supporting Materials
picture_as_pdf M65 02 19 Q_A.pdf
Copyright ©2019 MINI USA, a division of BMW of North America, LLC. All Rights Reserved
5/6
9/4/2019
65 02 19_SECURITY IMPROVEMENTS FOR HEAD UNITS
Copyright ©2019 MINI USA, a division of BMW of North America, LLC. All Rights Reserved
6/6
Attachment M65 02 19
August 2019
Q&A – Security Improvements for Head Units
1. What vulnerabilities were identified?
Potential vulnerabilities were identified in BMW Group MINI Vehicles by Tencent’s Keen
Security Lab (“Tencent”) during extensive testing and research of the BMW Group
ConnectedDrive system and related infotainment components in the vehicle.
2. What Was the Risk?
No drivers or road users were ever at risk. Tencent research showed, that a successful
exploitation of the vulnerabilities required among other things, mastering a long, complex
exploit chain, access to specific vehicle components, action by the attacker as well as the
driver, in order to pose a risk. Vulnerabilities in BMW Group MINI vehicles require a physical
connection, which requires an adversary to gain access to the vehicle’s interior.
3. How were the vulnerabilities addressed?
Software updates are available at MINI centers to close potential non-critical vulnerabilities
and increase the vehicle’s overall robustness.
4. Are the vehicles still at risk?
MINI has issued security updates which are available at MINI centers. Please contact your
local MINI center for further information.
5. As a customer, how can I find out if my car is affected or if it needs an update?
Only certain models equipped with specific electronic control modules are affected. Vehicles
built in model year 2019 and later have the latest updates installed.
Security patches in the form of software updates are available for these non-critical
vulnerabilities. Updates are available for the applicable MINI models at MINI centers and can
be installed at your next regular service visit.
6. What risks remain after all the countermeasures have been implemented?
The vulnerabilities will no longer pose a risk.
- 💯【Conta.ct us for Support Directly】If you met any...
- 🔥🔥🔥【2026 AUTEL FLAGSHIP MK900BT MK900-BT, NEW...
- 🚗【3000+ ACTIVE TESTS (50➡3000+), SAME AS MS...
- 🚗【40+ HOT SERVICES FOR 150 MAKES (28+➡40+)】Full...
- 🚗【OE ALL SYSTEM DIAGNOSE, AUTO SCAN 2.0: SCAN LICENSE...
- 【TURN OFF CEL】 This AL319 car scanner diagnostic tool...
- 【EXTENSIVE APPLICATION】 Autel AL319 Compatible with...
- 【FOR END USER & DIYERS】 This error code reader AL319 is...
- 【USER-FRIENDLY DESIGN】 This OBD2 scanner and check...
- 【HIGH-QUALITY SERVICES】 12 months war.ranty from the...
Last update on 2026-06-12 / Affiliate links / Images from Amazon Product Advertising API
If the PDF is very large, it may not load in the preview below.
Some older TSBs had multiple PDFs — visit the NHTSA Website to view all PDFs.
If the TSB PDF does not show, download or view it on the NHTSA Website.
Click on the (+) Plus Sign
Then Click on Associated Document(s)
Search NHTSA Database for Recalls
Search NHTSA Database for Vehicle Investigations
View Latest Vehicle Investigations
Search NHTSA Database for Vehicle Complaints
View Latest Vehicle Complaints
TSB/Document ID: M650219
Replacement Service Bulletin Number:
MFR Communication Date: 2019-08-01
MFR Internal Campaign ID/Software Version:
Communication Type: Service Bulletin/Repair Instructions
NHTSA Components: EQUIPMENT
MFR Component System:
MFR Component Subsystem:
Previous TSB | Next TSB |
- 【OE-Level Full System Diagnostics-Lifetime F*REE Software Updates】The VDIAGTOOL D200 OBD2 Scanner for cars is a all system bidirectional scan tool that enjoy lifetime f*ree software updates, delivers complete system coverage. reading/clearing codes across engine, transmission, ABS, SAS, EPB, TPMS plus full access to body, chassis, powertrain and all control modules. This D200 Bidirectional car scanner works with most 1996+ OBD2 gasoline and hybrid
cars and light trucks. It does NOT support pure electric and heavy-duty trucks. PLEASE CHECK COMPATIBILITY BEFORE ORDERING or Contact us with VIN to confirm compatibility. - 【Supports OBD2 Full Functions-ZERO Subscription Fees】D200 Bidirectional OBD2 Scanner is a upgarde of universal car code reader. It supports OBD2 full functions to help you turn off the annoying instrument fault indicator, such as read/clear codes, O2 sensor test, I/M readiness, on-board monitor test, datastream, freeze frame, E-VAP system test, and retrieve vehicle information. This professional obd2 scanner diagnostic tool can full access to diagnostics, reset tools and maintenance features with a single payment. NOTE: The fault code can only be cleared after the vehicle's malfunction has been repaired; please ensure the vehicle issue is fixed before clearing the code.
- 【D200 Hidden 2 Advantages: 1. $169 Expandable 49+ Advanced Resets. 2. $199 Get J2534 P*a*s*s-Thru Programming】Your core car diagnostics and 26 reset remain lifetime f*ree for everyday maintenance. When you need deeper repair capability, upgrade with 3-year access for $169 in Store on VDIAGTOOL App, gaining 49+ advanced resets. D200 configured with J2534 hardware, upgrade only when you need without replacing the entire device. You also can Lifetime Unlock for $199 in Store one-time, perform module programming, software re~flashing and ECU data updates directly. Supports 17+ major brands, including for BMW, for Audi, for GM, for Ford and more. Note:D200 does‘t provide any OE software.
- 【Full Bidirectional Control / Active Tests】The D200 car scanner diagnostic tool is a true bidirectional scan tool that lets you send commands directly to the vehicle’s ECU for active tests. Quickly test fuel pumps, relays, solenoids, injectors, cooling fans, windows, sunroofs and more to verify operation instantly. Get dealership-level diagnostic control at a fraction of the cost (ofter $100-200$ per diagnostic visit), reduce guessworkand confirm repairs faster, avoid unnecessary parts replacement, towing fees and wait times.
- 【26 F*ree Essential Reset & Relearn Functions – Everyday Maintenance Made Easy】Handle common maintenance and repair jobs without visiting the shop. The D200 code readers & scan tools includes 26 f*ree high-demand reset functions, including Oil Reset, EPB Service, SAS Calibration, ABS Brake Bleeding, Throttle Relearn, Injector Coding, Headlight Adjustment, Tire Size Reset and more. Perfect for home car owners, mechanics and DIYers – just plug and diagnose anytime, anywhere! Note: Service functions vary by vehicle model—please confirm compatibility.
- 【A MUST-HAVE TOOL FOR DIYERS】 - VDIAGTOOL VD10 car code reader is an incredibly useful obd scanner for each car owner or hobbyist, even for those with little to no experience when it comes to vehicle mechanics! Similar to a fixd car diagnostic tool, using this car diagnostic scanner is extremely easy. All you have to do is attach it to your car OBDII port and you can diagnose car problems in seconds! Read Codes (DTCs); Clear Codes; Live Data; View Freeze Frame; I/M Readiness; Vehicle Information.
- 【KEEP ENGINE IN GOOD STATUS】 - VDIAGTOOL check engine code reader brings a fast access to scan, read the car fault code, show its definition on the screen instantly, troubleshooting to find the root causes of problems, erase the engine fault code and turn off the MIL (Malfunction Indicator Light). Similar to a fixd car diagnostic tool, this car code reader helps ensure your engine stays in top condition.
- 【READ/CLEAR CODES & DTC LOOKUP】- No search online & saving your time, this vehicle car code reader retrieves generic (P0, P2, P3, and U0), manufacturer specific (P1, P3, and U1) codes, pending codes and displays DTC definitions based on the built-in database(more than 3000 codes) on the TFT screen, find out the root causes and clear the codes after fixed.
- 【LIVE DATA & RETRIEVE FREEZE FRAME】 - This diagnostic scan tool for accurate diagnosis enables you to retrieve data from vehicle sensors, such as Engine RPM, Intake air temperature, Short/Long term fuel, Misfire data and etc. The freeze frame is stored in the PCM together with the diagnostic trouble code (DTC) related to the fault. Comparable to a fixd car diagnostic tool, the VD10 car code reader car scanner can be a valuable & practical diagnostic aid and also greatly help when diagnosing intermittent problems.
- 【I/M READINESS for THE S-nn-0-g CHECK】- OBDII vehicle may not pass the annual inspection unless the required monitors since reset are complete. So you should at least read the readiness monitors and make sure they are ready. This car obd2 scanner diagnostic tool is equipped with I/M readiness function to check the operations of the e-m-issi0n system on OBD2 compliant vehicles, run I/M monitor readiness test, checking if the pass vehicle s-m-0-g inspection.
- Pro Features, Home Mechanic Budget: Why pay thousands for factory scan tool? The VD70S scan tool delivers advanced professional diagnostic at an affordable price, including 10x faster 33-66ft wireless scanning, 4000+ active tests, 36+ hot services, ECU coding, PMI function, and OE-level full-system scan with 8-in-one data graph. It rivals expensive shop tools - perfect for DIYer, technician and small shop. Get dealer-grade power without the cost - the VD70S obd2 scanner diagnostic tool makes pro diagnostic accessible to all. The available function tests vary by model—please check compatibility via vdiagtool2 @ outlook . c o m before purchase
- Full Bidirectional Control for Precision Repair: VD70S obd2 scanner gives you direct vehicle module control to test components like fuel pump, injector, A/C clutch, window and more, enabling you to accurately and quickly locate faulty components. Unlike basic obd2 code reader, our advanced bidirectional control lets you actively command system - like triggering the ABS pump to confirm your fix worked. With pinpoint component testing and real-time validation, you can diagnose intermittent issues faster and prevent costly return visits. The VD70S auto diagnostic scanner transforms complex diagnostic into precise, time-saving repair - giving professional-grade accuracy at an unbeatable value
- 33-66FT Wireless Freedom - Faster & More Stable: Say goodbye to 2M cable limits. Easily Perform bi-directional tests like folding mirror, activating light or fuel pump while walking freely around your vehicle - no more cable dragging or repositioning your tool. Unlike other 33ft BT obd2 scanner that still need a cable to handle DOIP vehicle diagnostics, the VD70S bidirectional scan tool delivers a truly cable-free experience - with up to 66ft stable transmission range and faster, more reliable data transfer. With VD70S scanner, you get pro-level flexibility, faster workflow and stable diagnostics without cable clutter or wireless dropouts
- Powerful & Affordable Auto Scanner with 36+ Special Functions: Take control of your vehicle maintenance and save hundreds in shop fees with the VD70S car diagnostic tool. This car tool performs 36+ hot services including ✔Crank Sensor Relearn, Oil Reset, EPB, TPMS Reset, Throttle Adaptation, Injector Coding, ABS Bleed and more. ✔Besides, the VD70S bidirectional obd2 scanner unlocks 100+ advanced vehicle-specific functions under specific system menu, including Idle Relearn, VIN Write, Crankshaft Sensor Relearn, Fuel Trim Reset, ABS Initialization and more. These features help you solve complex system error and restore optimal vehicle performance. Text us your VIN we’ll check the compatibility
- OE-Level Full System Diagnostic, Simplified Workflow: The VD70S car diagnostic scanner delivers OE-level full system scanning (ABS/ECM/BCM/SRS/TCM and more) without the dealership cost. ✔Easily view 8 live data streams, retrieve freeze frame and run active test to quickly identify problem. ✔With advanced bidirectional control, test components like fuel injector and sensor directly to verify repair with certainty. ✔The 8-in-one graphing tracks performance trend to catch intermittent issue like a pro. Whether you're a technician or car owner, the diagnostic scanner provides shop-quality diagnostic to optimize performance and prevent costly repair - all in one affordable tool
Last update on 2026-06-12 / Affiliate links / Images from Amazon Product Advertising API
This product presentation was made with AAWP plugin.