Summary: A well-known China-based automotive manufacturer has multiple critical security vulnerabilities affecting over 150,000 vehicles sold in 2024. Security researchers Yingjie Cao and Xinfeng Chen uncovered weaknesses that could allow remote car control through man-in-the-middle attacks. Their findings highlight the broader cybersecurity issues in the automotive industry, stressing the need for improved defenses against such exploits.
Affected: Unnamed China-based automotive manufacturer
Keypoints :
- Vulnerabilities found in two different car models allow potential remote control of vehicles.
- Security flaws in the infotainment system can lead to limited car control functions such as opening doors and windows.
- Research highlights a concerning trend of inadequate cybersecurity resources within automotive organizations, with many lacking dedicated cybersecurity teams.
- The research emphasizes the need for innovative methods to discover and address cybersecurity vulnerabilities in the automotive sector.
Source: https://www.darkreading.com/cybersecurity-operations/mitm-vulns-research-opportunities-car-security