Zack WhittakerICYMI from Def Con: Security researcher Eaton Zveare found bugs in a carmaker's centralized dealer web portal's login flow that allowed "unfettered access" to customer data and systems inside. The portal allowed the remote controlling of some car functions, like door unlocking.
Zveare said the bugs, now fixed, highlight the risks of these web-connected data portals that contain gobs of customers' data.
Security flaws in a carmaker's web portal let one hacker remotely unlock cars from anywhere | TechCrunch
Security researcher Eaton Zveare told TechCrunch that the flaws he discovered in the carmaker's centralized dealer portal exposed vast access to customer and vehicle data. With this access, Zveare said he could remotely take over a customer's account and unlock their cars, and more.
smeg