November 8, 2024 at 12:53PM Several vulnerabilities in the Mazda Connect infotainment system, affecting multiple models, allow attackers to execute arbitrary code and gain root access. The issues, including command injection and SQL injection flaws, remain unpatched. Exploitation requires physical access, but threats can arise in various contexts, posing significant risks to vehicle safety. ### … Read more
November 8, 2024 at 08:49AM ZDI reveals vulnerabilities in the infotainment systems of several Mazda car models, potentially allowing unauthorized code execution, which poses security risks for vehicle owners. **Meeting Takeaways:** 1. **Vulnerability Disclosure**: ZDI (Zero Day Initiative) has reported vulnerabilities found in the infotainment systems of several Mazda car models. 2. **Potential Risk**: The … Read more
January 26, 2024 at 03:51AM Cybersecurity researchers and bug bounty hunters earned over $1.3 million from hacking Teslas, EV chargers, and infotainment systems at the Pwn2Own Automotive competition. The Synacktiv team won, earning $450,000 by exploiting vulnerabilities. ZDI is preparing for Pwn2Own Vancouver 2024, with a prize pool exceeding $1 million. Last year’s competition in … Read more