A team of researchers at PCAutomotive disclosed a critical vulnerability in Nissan Leaf EVs' infotainment systems, allowing attackers to remotely control vehicle functions. By exploiting a stack buffer overflow in the Bluetooth protocol, hackers can persistently compromise the system to manipulate doors, mirrors, steering, and safety features. The issue is compounded by outdated software and lack of firmware signing, causing potential hazards to vehicle owners and passengers. Despite being reported to Nissan, patches will only be available by Q3 2025, leaving current Leaf EVs at risk. Owners are advised to disable Bluetooth and seek dealership updates, as this security breach highlights significant automotive cybersecurity threats.
Source: https://cybersecuritynews.com/nissan-leaf-vulnerability-exploited/
"id": "tbw234040825",
"linkid": "tbwa-nissanunited",
"type": "Vulnerability",
"date": "4/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"