EUVD-2020-26713

Malware in sbrugna...

CVE-2024-39339

A vulnerability has been discovered in all versions of Smartplay headunits, which are widely used in Suzuki and Toyota cars. This misconfiguration can lead to information disclosure, leaking sensitive details such as diagnostic log traces, system logs, headunit passwords, and personally...

CVE-2024-39339

A vulnerability has been discovered in all versions of Smartplay headunits, which are widely used in Suzuki and Toyota cars. This misconfiguration can lead to information disclosure, leaking sensitive details such as diagnostic log traces, system logs, headunit passwords, and personally...

CVE-2024-39339

A vulnerability has been discovered in all versions of Smartplay headunits, which are widely used in Suzuki and Toyota cars. This misconfiguration can lead to information disclosure, leaking sensitive details such as diagnostic log traces, system logs, headunit passwords, and personally...

CVE-2024-39339

CVE-2024-39339 affects all versions of Smartplay headunits used in Suzuki and Toyota vehicles. The issue is described as a misconfiguration that leads to information disclosure, exposing diagnostic log traces, system logs, headunit passwords, and PII. The available documents provide the impact as...

Toyota confirms customer and employee data stolen, says breach at third party to blame

Last week, a cybercriminal using the handle ZeroSevenGroup dumped 240GB of data on the infamous stolen data site BreachForums, that they said came from a hack on the US branch of car manufacturer Toyota. ZeroSevenGroup claims the dump includes customer and employee data. ZeroSevenGroup posted the...

toyota.co.zw Cross Site Scripting vulnerability OBB-3553182

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

How the Most Popular Cars in the US Track Drivers

Vehicles from Toyota, Honda, Ford, and more can collect huge volumes of data. Here’s what the companies can access...

Password Reset Hack Exposed in Honda's E-Commerce Platform, Dealers Data at Risk

Security vulnerabilities discovered in Honda's e-commerce platform could have been exploited to gain unrestricted access to sensitive dealer information. "Broken/missing access controls made it possible to access all data on the platform, even when logged in as a test account," security researche...

CVE-2023-29389

CVE-2023-29389 affects Toyota RAV4 2021 vehicles, where ECUs on the CAN bus trust messages from other ECUs. A physically proximate attacker who accesses the headlight connector can inject forged "Key is validated" messages over CAN, potentially allowing the attacker to drive the vehicle. This has...

toyota-vzv.cz Cross Site Scripting vulnerability OBB-3178729

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

federation-nds.toyota.ca Cross Site Scripting vulnerability OBB-3167083

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Automotive Industry Exposed to Have Major API Vulnerabilities

By Habiba Rashid The impacted automotive giants include BMW, Toyota, Ford, Honda, Mercedes-Benz and many more. This is a post from HackRead.com Read the original post: Automotive Industry Exposed to Have Major API Vulnerabilities...

toyota.neyberos.com Cross Site Scripting vulnerability OBB-2554794

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Bridgestone Hit as Ransomware Torches Toyota Supply Chain

On Friday, Bridgestone Corp. admitted that a subsidiary experienced a ransomware attack in February, prompting it to shut down the computer network and production at its factories in North and Middle America for about a week, said Reuters. Among other things, Bridgestone is a major supplier of...

Toyota’s just in time manufacturing faced with disruptive cyberattack

Toyota suspended the operation of 28 lines at 14 plants in Japan on Tuesday, March 1, after a cyberattack on supplier Kojima Industries Corp. Some plants operated by Toyotas affiliates Hino Motors and Daihatsu are included in the shutdown. Hino suspended all operations at its Koga facility, which...

Toyota to Close Japan Plants After Suspected Cyberattack

What was potentially a cyberattack hit one of Toyota’s parts suppliers, causing the company to move to shut down about a third of the company’s global production tomorrow, the company announced on Monday. Toyota doesn’t know how long the 14 plants will be unplugged. The closure will mean that the...

toyota-stueben-ortmann-anklam.de Cross Site Scripting vulnerability OBB-1376825

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

CVE-2020-5610

Global TechStream GTS for TOYOTA dealers version 15.10.032 and earlier allows an attacker to cause a denial-of-service DoS condition and execute arbitrary code via unspecified vectors...

CVE-2020-5610

Global TechStream GTS for TOYOTA dealers version 15.10.032 and earlier allows an attacker to cause a denial-of-service DoS condition and execute arbitrary code via unspecified vectors...