Techly NewsGet the app

Get the latest tech news

Security flaws in a carmaker’s web portal let one hacker remotely unlock cars from anywhere


Security researcher Eaton Zveare told TechCrunch that the flaws he discovered in the carmaker's centralized dealer portal exposed vast access to customer and vehicle data. With this access, Zveare said he could remotely take over a customer's account and unlock their cars, and more.

Eaton Zveare, who works as a security researcher at software delivery company Harness, told TechCrunch the flaw he discovered allowed the creation of an admin account that granted “unfettered access” to the unnamed carmaker’s centralized web portal. In an interview with TechCrunch ahead of his talk at the Def Con security conference in Las Vegas on Sunday, Zveare said the bugs put a spotlight on the security of these dealership systems, which grant their employees and associates broad access to customer and vehicle information. “No one even knows that you’re just silently looking at all of these dealers’ data, all their financials, all their private stuff, all their leads,” said Zveare, in describing the access.

Get the Android app

Or read this on TechCrunch

Read more on:

Photo of cars

cars

Photo of hacker

hacker

Photo of carmaker

carmaker

Related news:

News photo

What is the average length of a queue of cars? (2023)

News photo

Hacker extradited to US for stealing $3.3 million from taxpayers

News photo

Amazon lets you buy used cars now in just a few clicks - here's how

« U.S. Government to Take Cut of Nvidia and AMD A.I. Chip Sales to China
New Pixel Watch 4 leak reveals clearer shots of its upgraded sensors and charging setup »