40 matches found
EUVD-2020-21812
Malware in sbrugna...
EUVD-2023-32520
Malicious code in bioql PyPI...
CVE-2023-28900
The Skoda Automotive cloud contains a Broken Access Control vulnerability, allowing to obtain nicknames and other user identifiers of Skoda Connect service users by specifying an arbitrary vehicle VIN number...
CVE-2020-29439
Tesla Model X vehicles before 2020-11-23 have key fobs that rely on five VIN digits for the authentication needed for a body control module BCM to initiate a Bluetooth wake-up action. The full VIN is visible from outside the vehicle...
Millions of Kia vehicles were vulnerable to remote attacks with just a license plate number
In June of 2024 security researchers uncovered a set of vulnerabilities in the Kia dealer portal that allowed them to remotely take over any Kia vehicle built after 2013—and all they needed was a license plate number. According to the researchers: "These attacks could be executed remotely on any...
Hackers Could Have Remotely Controlled Kia Cars Using Only License Plates
Cybersecurity researchers have disclosed a set of now patched vulnerabilities in Kia vehicles that, if successfully exploited, could have allowed remote control over key functions simply by using only a license plate. "These attacks could be executed remotely on any hardware-equipped vehicle in...
Malicious code in nhtsa-vin (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-6996 Malicious code in nhtsa-vin (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-6888 Malicious code in em_synchrony-dataone-vin (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-6883 Malicious code in edmunds-vin (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in edmunds-vin (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
CVE-2023-28901
The Skoda Automotive cloud contains a Broken Access Control vulnerability, allowing remote attackers to obtain recent trip data, vehicle mileage, fuel consumption, average and maximum speed, and other information of Skoda Connect service users by specifying an arbitrary vehicle VIN number...
CVE-2023-28900
The Skoda Automotive cloud contains a Broken Access Control vulnerability, allowing to obtain nicknames and other user identifiers of Skoda Connect service users by specifying an arbitrary vehicle VIN number...
Improper access control
The Skoda Automotive cloud contains a Broken Access Control vulnerability, allowing to obtain nicknames and other user identifiers of Skoda Connect service users by specifying an arbitrary vehicle VIN number...
Improper access control
The Skoda Automotive cloud contains a Broken Access Control vulnerability, allowing remote attackers to obtain recent trip data, vehicle mileage, fuel consumption, average and maximum speed, and other information of Skoda Connect service users by specifying an arbitrary vehicle VIN number...
CVE-2023-28901 Trip Data Disclosure from Backend
The Skoda Automotive cloud contains a Broken Access Control vulnerability, allowing remote attackers to obtain recent trip data, vehicle mileage, fuel consumption, average and maximum speed, and other information of Skoda Connect service users by specifying an arbitrary vehicle VIN number...
CVE-2023-28900 Nickname Disclosure on the Backend Automotive Server
The Skoda Automotive cloud contains a Broken Access Control vulnerability, allowing to obtain nicknames and other user identifiers of Skoda Connect service users by specifying an arbitrary vehicle VIN number...
CVE-2023-28900 Nickname Disclosure on the Backend Automotive Server
The Skoda Automotive cloud contains a Broken Access Control vulnerability, allowing to obtain nicknames and other user identifiers of Skoda Connect service users by specifying an arbitrary vehicle VIN number...
Security vulnerabilities in major car brands revealed
Your car potentially hasnt "just" been a car for a long time. With multiple digital systems, vehicles are increasingly plugged into web applications and digital processes. These systems tie into everything from passwords and web chat systems for car company employees, to file repositories and oth...
Vehicle Identification Numbers reveal driver data via telematics
There are many ways that data collection, and data availability, make less sense as the years pass by. This is frequently accompanied by a resistance to change, to improve these processes, because "thats how weve always done it". Sadly this is often the case even when those data collectors have...