Car Dealership Portal Flaw Exposes Customer Data, Vehicle Control
A security researcher discovered critical flaws in an unnamed major carmaker’s online dealership portal. These flaws allowed the creation of an admin account, granting access to sensitive customer data, including personal information, financial details, and vehicle location tracking. The researcher, Eaton Zveare, demonstrated the ability to remotely access and potentially control vehicles. He reported the vulnerabilities, which were subsequently patched, highlighting significant security risks within dealership systems.
https://jqjo.com/news/en/Car-Dealership-Portal-Flaw-Exposes-Customer-Data-Vehicle-Control/60829
