Tuesday, April 22, 2025

Bug in Toyota, Honda, and Nissan Car App Let Hackers Unlock & Start The Car Remotely

Most major automobile manufacturers have addressed vulnerabilities that would have let hackers remotely perform the following actions on their vehicles:

  • Lock the car
  • Unlock the car
  • Start the engine
  • Press the horn
  • Flash the headlights
  • Open the trunk of certain cars made after 2012
  • Locate the car

Flaw in SiriusXM

SiriusXM, one of the most widely used connected vehicle platforms available on the market, has a critical bug in its platform that affects all major vehicle brands.

Connected cars are of particular interest to security researchers such as Yuga Labs’ Sam Curry, who discovered the security hole in the connected cars of major car manufacturers during his routine research.

A number of car manufacturers use SiriusXM telematics and infotainment systems as part of their vehicle technology.

Affected Car Brands

The following brands are affected by this critical bug in SiriusXM:

  • Acura
  • BMW
  • Honda
  • Hyundai
  • Infiniti
  • Jaguar
  • Land Rover
  • Lexus
  • Nissan
  • Subaru
  • Toyota

Vulnerability Analysis

While analyzing the data, the researchers found a domain (http://telematics(.)net) that is used during the vehicle enrollment process for SiriusXM's remote management.

The flaw lies in the enrollment process for SiriusXM’s remote management functionality and allows the vehicle to be tampered with.

No detailed technical information about the findings is available yet, since the researchers haven’t shared anything in detail.

Further analysis of the domain showed that the Nissan Car Connected App is one of the apps most frequently referenced in connection with it.

Only the vehicle identification number (VIN) is needed to authorize the data exchanged through the telematics platform. Anyone who knows a vehicle's VIN can therefore use it to carry out a variety of commands.

Next, the researchers logged in to the application and examined the HTTPS traffic that came from a Nissan car owner.

During this examination, the researchers singled out one HTTP request for deeper analysis.

Passing a VIN-prefixed ID as the customerID returned a bearer token and a “200 OK” response.

Sending that bearer token in the Authorization header of an HTTP request, the researchers attempted to obtain the victim's user profile and successfully retrieved the following information:

  • Name
  • Phone number
  • Address
  • Car details

In addition to this, the API calls used by SiriusXM for its telematics services worked even if the user did not have an active subscription with SiriusXM.
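A minimal server-side model of the flaw described above and one way to close it, as an added example (not SiriusXM's, Nissan's or the researchers' code). The `cust:` prefix, account names, session IDs, VINs and all function names are constructed for illustration.

```python
import hashlib
import hmac
import secrets

KEY = secrets.token_bytes(32)   # demo signing key, regenerated per run
PREFIX = "cust:"                # hypothetical customerID prefix (not the real format)
ALLOWED = {"lock", "unlock", "locate"}
# Constructed sample data: enrolled VIN -> owning account, subscription state,
# and session id -> account that has already logged in.
VIN_OWNER = {"TESTVIN0000000001": "alice", "TESTVIN0000000002": "bob"}
SUBSCRIBED = {"alice": True, "bob": False}
SESSIONS = {"sess-a1": "alice", "sess-b1": "bob"}

def _mac(subject):
    return hmac.new(KEY, subject.encode(), hashlib.sha256).hexdigest()

def _vin_from(customer_id):
    return customer_id[len(PREFIX):] if customer_id.startswith(PREFIX) else None

def issue_token_vulnerable(customer_id):
    """Flawed pattern: knowing the VIN-derived ID is enough to get a token."""
    vin = _vin_from(customer_id)
    return f"{vin}.{_mac(vin)}" if vin in VIN_OWNER else None

def issue_token_hardened(session_id, customer_id):
    """Issue a token only to a logged-in account that owns the requested VIN."""
    account, vin = SESSIONS.get(session_id), _vin_from(customer_id)
    if account is None or VIN_OWNER.get(vin) != account:
        return None
    subject = f"{account}:{vin}"
    return f"{subject}.{_mac(subject)}"

def authorize_command(token, vin, command):
    """Check signature, account-to-VIN binding and subscription on every call."""
    subject, _, tag = (token or "").rpartition(".")
    if not hmac.compare_digest(tag.encode(), _mac(subject).encode()):
        return False
    account, _, token_vin = subject.partition(":")
    if token_vin != vin or VIN_OWNER.get(vin) != account:
        return False
    return SUBSCRIBED.get(account, False) and command in ALLOWED
```

The hardened issuer treats the VIN as an identifier to look up, never as a credential, and the command check re-validates ownership and subscription instead of trusting that a token exists.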

The security of a vulnerable app cannot be guaranteed unless its developers or owners are involved in securing it. This is why they should be the only ones who can issue security updates and patches.

Recommendations

The security analysts made the following recommendations:

  • Do not share the VIN of your car with unreliable third parties.
  • To protect your vehicle from thieves, use a unique password for each app connected to the vehicle.
  • Keep your passwords up to date by changing them on a regular basis.
  • Make keeping your system up to date a priority.
