Lucene search
K

13 matches found

Snyk
Snyk
added 2026/04/01 11:1 p.m.5 views

Improper Certificate Validation

Overview Affected versions of this package are vulnerable to Improper Certificate Validation in the vehicle authentication. An attacker can impersonate arbitrary vehicle identification numbers VINs by submitting falsified telemetry records using compromised client credentials. Remediation Upgrade...

8.2CVSS5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/04/01 11:1 p.m.4 views

Improper Certificate Validation

Overview Affected versions of this package are vulnerable to Improper Certificate Validation in the vehicle authentication. An attacker can impersonate arbitrary vehicle identification numbers VINs by submitting falsified telemetry records using compromised client credentials. Remediation Upgrade...

8.2CVSS5.9AI score
Exploits0References2
Malwarebytes
Malwarebytes
added 2025/11/05 1:46 p.m.4 views

Should you let Chrome store your driver’s license and passport?

Google has rolled out a new autofill feature for Chrome that goes beyond storing just your passwords, addresses, and credit card numbers. The new "enhanced autofill" can now stash your driver's license, passport details, VIN, or license plate information. Sounds convenient, right? But just becaus...

6.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/08/11 1:18 p.m.4 views

Online portal exposed car and personal data, allowed anyone to remotely unlock cars

A carmaker’s online dealership portal has been found leaking the private information and vehicle data of its customers. This also meant that anyone with access could remotely break into a car. Researcher Eaton Zveare shared his discovery with TechCrunch. Although he said he has chosen not to...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/26 4:2 p.m.22 views

Hackers Could Have Remotely Controlled Kia Cars Using Only License Plates

Cybersecurity researchers have disclosed a set of now patched vulnerabilities in Kia vehicles that, if successfully exploited, could have allowed remote control over key functions simply by using only a license plate. "These attacks could be executed remotely on any hardware-equipped vehicle in...

7.8AI score
Exploits0
CNNVD
CNNVD
added 2024/01/18 12:0 a.m.3 views

Skoda Security Breach

Skoda is a line of automobiles from Skoda Inc. A security vulnerability exists in Skoda Automotive that originates from allowing access to user nicknames and identifiers by specifying arbitrary vehicle VIN numbers...

5.3CVSS6.8AI score0.00377EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/01/18 12:0 a.m.3 views

PT-2024-12183 · Skoda · Skoda Automotive Cloud

Name of the Vulnerable Software and Affected Versions: Skoda Automotive cloud affected versions not specified Description: The issue allows attackers to obtain nicknames and other user identifiers of Skoda Connect service users by specifying an arbitrary vehicle VIN number, due to a Broken Access...

5.3CVSS5.2AI score0.00377EPSS
Exploits0References5
Malwarebytes
Malwarebytes
added 2022/12/12 3:0 a.m.13 views

A week in security (December 5 - 11)

Last week on Malwarebytes Labs: Security advisories are falling short. Here's why, with Dustin Childs: Lock and Code S03E25 Eufy "no cloud" security cameras streaming data to the cloud Snapchat gives Californians more power over their personal data Update now! Emergency fix for Google Chrome's V8...

Exploits0
Malwarebytes
Malwarebytes
added 2022/12/06 12:45 p.m.10 views

Vehicle Identification Numbers reveal driver data via telematics

There are many ways that data collection, and data availability, make less sense as the years pass by. This is frequently accompanied by a resistance to change, to improve these processes, because "thats how weve always done it". Sadly this is often the case even when those data collectors have...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2022/12/05 11:8 a.m.101 views

SiriusXM Vulnerability Lets Hackers Remotely Unlock and Start Connected Cars

Cybersecurity researchers have discovered a security vulnerability that exposes cars from Honda, Nissan, Infiniti, and Acura to remote attacks through a connected vehicle service provided by SiriusXM. The issue could be exploited to unlock, start, locate, and honk any car in an unauthorized manne...

0.9AI score
Exploits0
OSV
OSV
added 2020/11/30 10:15 p.m.2 views

CVE-2020-29439

Tesla Model X vehicles before 2020-11-23 have key fobs that rely on five VIN digits for the authentication needed for a body control module BCM to initiate a Bluetooth wake-up action. The full VIN is visible from outside the vehicle...

4.6CVSS5.8AI score0.00409EPSS
Exploits1References1
CNNVD
CNNVD
added 2020/11/30 12:0 a.m.8 views

Tesla Model X Security Breach

Tesla The Tesla Model X is a new energy vehicle from the American company Tesla. A security vulnerability exists in versions of Tesla Model X vehicles prior to 2020-11-23, which stems from the fact that its key fobs rely on 5 VIN digits for authentication, and the Body Control Module BCM is...

4.6CVSS5.8AI score0.00409EPSS
Exploits1References2
The Hacker News
The Hacker News
added 2011/01/05 1:31 a.m.8 views

Millions of Honda/Acura owners affected by hacked Honda database !

The Japanese motor company, Honda, today issued an alert to U.S. customers concerning a security breach resulting from a hacked database. The database that was managed by a third-party marketing group contained confidential information, including names of car owners, personal e-mail addresses, an...

6.6AI score
Exploits0
Rows per page
Query Builder