37 matches found
EUVD-2020-26713
Malware in sbrugna...
CVE-2024-39339
A vulnerability has been discovered in all versions of Smartplay headunits, which are widely used in Suzuki and Toyota cars. This misconfiguration can lead to information disclosure, leaking sensitive details such as diagnostic log traces, system logs, headunit passwords, and personally...
CVE-2024-39339
A vulnerability has been discovered in all versions of Smartplay headunits, which are widely used in Suzuki and Toyota cars. This misconfiguration can lead to information disclosure, leaking sensitive details such as diagnostic log traces, system logs, headunit passwords, and personally...
CVE-2024-39339
A vulnerability has been discovered in all versions of Smartplay headunits, which are widely used in Suzuki and Toyota cars. This misconfiguration can lead to information disclosure, leaking sensitive details such as diagnostic log traces, system logs, headunit passwords, and personally...
CVE-2024-39339
CVE-2024-39339 affects all versions of Smartplay headunits used in Suzuki and Toyota vehicles. The issue is described as a misconfiguration that leads to information disclosure, exposing diagnostic log traces, system logs, headunit passwords, and PII. The available documents provide the impact as...
Toyota confirms customer and employee data stolen, says breach at third party to blame
Last week, a cybercriminal using the handle ZeroSevenGroup dumped 240GB of data on the infamous stolen data site BreachForums, that they said came from a hack on the US branch of car manufacturer Toyota. ZeroSevenGroup claims the dump includes customer and employee data. ZeroSevenGroup posted the...
toyota.co.zw Cross Site Scripting vulnerability OBB-3553182
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
How the Most Popular Cars in the US Track Drivers
Vehicles from Toyota, Honda, Ford, and more can collect huge volumes of data. Here’s what the companies can access...
Password Reset Hack Exposed in Honda's E-Commerce Platform, Dealers Data at Risk
Security vulnerabilities discovered in Honda's e-commerce platform could have been exploited to gain unrestricted access to sensitive dealer information. "Broken/missing access controls made it possible to access all data on the platform, even when logged in as a test account," security researche...
CVE-2023-29389
CVE-2023-29389 affects Toyota RAV4 2021 vehicles, where ECUs on the CAN bus trust messages from other ECUs. A physically proximate attacker who accesses the headlight connector can inject forged "Key is validated" messages over CAN, potentially allowing the attacker to drive the vehicle. This has...
toyota-vzv.cz Cross Site Scripting vulnerability OBB-3178729
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
federation-nds.toyota.ca Cross Site Scripting vulnerability OBB-3167083
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Automotive Industry Exposed to Have Major API Vulnerabilities
By Habiba Rashid The impacted automotive giants include BMW, Toyota, Ford, Honda, Mercedes-Benz and many more. This is a post from HackRead.com Read the original post: Automotive Industry Exposed to Have Major API Vulnerabilities...
toyota.neyberos.com Cross Site Scripting vulnerability OBB-2554794
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Bridgestone Hit as Ransomware Torches Toyota Supply Chain
On Friday, Bridgestone Corp. admitted that a subsidiary experienced a ransomware attack in February, prompting it to shut down the computer network and production at its factories in North and Middle America for about a week, said Reuters. Among other things, Bridgestone is a major supplier of...
Toyota’s just in time manufacturing faced with disruptive cyberattack
Toyota suspended the operation of 28 lines at 14 plants in Japan on Tuesday, March 1, after a cyberattack on supplier Kojima Industries Corp. Some plants operated by Toyotas affiliates Hino Motors and Daihatsu are included in the shutdown. Hino suspended all operations at its Koga facility, which...
Toyota to Close Japan Plants After Suspected Cyberattack
What was potentially a cyberattack hit one of Toyota’s parts suppliers, causing the company to move to shut down about a third of the company’s global production tomorrow, the company announced on Monday. Toyota doesn’t know how long the 14 plants will be unplugged. The closure will mean that the...
toyota-stueben-ortmann-anklam.de Cross Site Scripting vulnerability OBB-1376825
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
CVE-2020-5610
Global TechStream GTS for TOYOTA dealers version 15.10.032 and earlier allows an attacker to cause a denial-of-service DoS condition and execute arbitrary code via unspecified vectors...
CVE-2020-5610
Global TechStream GTS for TOYOTA dealers version 15.10.032 and earlier allows an attacker to cause a denial-of-service DoS condition and execute arbitrary code via unspecified vectors...