The CAN network is bi-directional, and I don't think it has any 
security. So any node on the CAN can read-write whatever the heck it 
wants to.

Plug in an OBD-II device, and using the right software (like Forscan) 
you can read/write all sorts of locations in the body-control module, 
flash new software into the PCM (powertrain control module), etc.

I suspect that if you have the entertainment system that has the ability 
to read PIDs in the PCM, for example, road speed, that same interface 
could be used to write values as well.

My 2013 Taurus SHO came with Sync 2 - which ran Windows CE. Thankfully, 
it wasn't a "server" and WiFi wasn't enabled. Now my 2016 Taurus SHO has 
Sync 3 running QNX. I am not amused ;)

