Security flaws in a carmaker’s web portal let one hacker remotely unlock cars from anywhere

A security researcher, Eaton Zveare, has discovered significant vulnerabilities in a major carmaker's web portal. According to the report, the flaws in the carmaker's centralized dealer portal provided vast access to customer and vehicle data. With this access, Zveare claimed he could remotely take over a customer's account and perform actions such as unlocking their cars. The vulnerabilities highlighted the potential risks associated with the increasing connectivity and digitalization of modern vehicles. The report emphasizes the importance of robust security measures to protect customer data and prevent unauthorized access to critical vehicle functions. While the carmaker has not been named in the article, the discovery of these security flaws underscores the need for manufacturers to prioritize cybersecurity and ensure the safety and privacy of their customers. The incident serves as a wake-up call for the industry to address such vulnerabilities and strengthen their security protocols to prevent similar breaches in the future.