Cybersecurity researchers have disclosed a set of now-patched vulnerabilities in Kia vehicles that could have allowed remote control over key functions simply by using a license plate.
The vulnerabilities impact almost all vehicles made after 2013, allowing attackers to potentially access sensitive information and execute commands on the vehicles remotely.
The research highlights how attackers could exploit the Kia dealership infrastructure to gain unauthorized access to vehicles and manipulate key functions without the owner’s knowledge.
These vulnerabilities were responsibly disclosed in June 2024 and promptly addressed by Kia by August 14, 2024.
The disclosure underscores the ongoing need for robust cybersecurity measures in automobiles to prevent potential exploitation of vulnerabilities that could compromise user safety.