November 8, 2024 at 05:28PM Six vulnerabilities in Mazda’s infotainment system could be exploited via a USB, potentially affecting vehicle safety. Originating from the Mazda Connect CMU, these flaws could allow full system compromise and access to sensitive data. Though serious, real-world exploitation remains unlikely currently, highlighting the need for improved vehicle security measures. **Meeting … Read more
November 8, 2024 at 12:53PM Several vulnerabilities in the Mazda Connect infotainment system, affecting multiple models, allow attackers to execute arbitrary code and gain root access. The issues, including command injection and SQL injection flaws, remain unpatched. Exploitation requires physical access, but threats can arise in various contexts, posing significant risks to vehicle safety. ### … Read more
September 27, 2024 at 04:13PM Millions of Kia vehicles had a flaw that allowed attackers to remotely control them using license plate information. Researchers found this vulnerability in Kia, Honda, Infiniti, Nissan, Acura, BMW, Mercedes, and other vehicles. This highlights ongoing concerns over the cybersecurity of connected vehicles and the need for stronger authentication and … Read more
September 26, 2024 at 03:55PM Security researchers found critical flaws in Kia’s dealer portal, allowing hackers to locate and steal millions of Kia cars made after 2013 by using the vehicle’s license plate. Based on the meeting notes, the key takeaway is that security researchers have identified critical vulnerabilities in Kia’s dealer portal that could … Read more