Discovery of API vulnerability and its impact on millions of cars from 16 manufacturing companies

Discovery of API vulnerability and its impact on millions of cars from 16 manufacturing companies

Recently in the news numerous vulnerabilities API It has been reported in millions of cars of 16 top car manufacturers in the world that hackers could unlock and close the car without permission, steal the car and completely endanger the privacy of the car owners. This API security vulnerability, which is reported in 16 major car manufacturers including Acura, BMW, Ford, Genesis, Honda, Mercedes Benz, Hyundai, Infiniti, Jaguar, Kia, Land Rover, Nissan, Porsche, Rolls Royce and Toyota Reviver, SiriusXM and Spireon companies and software are affected.

The reported flaws cover a wide range of vulnerabilities, from things like accessing internal company systems and customer and user information to other weaknesses that allow unauthorized people to execute remote commands. The research builds on previous findings, when Yoga Labs researcher Sam Currie and colleagues found security flaws in machines using SiriusXM software that also had a network connection.

However, one of the most serious of these bugs is related to Spireon’s remote communication software solution, which allowed hackers to send malicious commands to nearly 15.5 million vehicles even with the latest firmware update. In this regard, the researchers have admitted that the discovered vulnerabilities allowed them to track and disable police cars and ambulances in big cities by sending malicious commands to those cars.

Automotive API 16 Vulnerability

The vulnerabilities identified in Mercedes-Benz also enabled hackers to access the internal application by abusing the incomplete configuration of the entry into the system (single sign-on), which allows access to different applications with only one password. According to reports, other discovered bugs have allowed access and control of accounts and disclosure of sensitive and private information of customers.

Automotive API 16 Vulnerability

Other flaws have allowed access to vehicle GPS information, license plate data management, and even change customer information and update vehicle status. However, with the publicization of these problems, all the vulnerabilities have been resolved by the manufacturing companies, but the discovery of these problems is another reason for the need for companies to focus on the production of their products and their security capabilities, especially in the transportation system, which is directly related to safety and People’s lives are at stake.

Automotive API 16 Vulnerability

In this regard, researchers have acknowledged that if malicious hackers were able to find these bugs early, they could gain access to navigation and remote control systems, internal car systems such as lights and GPS information, as well as the ability to turn on and off and open the door. They also get to lock the car.

  • Sony’s PS5 console will be placed in Honda’s car
  • F-150 Lightning police car was unveiled by Ford
  • Microsoft accused China of exploiting unknown security vulnerabilities

More Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.
You need to agree with the terms to proceed

Most Viewed Posts