Vulnerabilities In Kia's Dealer Portal Can Be Abused To Steal Cars

Researchers found flaws in Kia's dealer portal, allowing hackers to locate and steal cars made after 2013 using only the license plate. Sam Curry and his team, who previously uncovered similar issues with other car brands, revealed in June 2024 that these flaws could be exploited in under 30 seconds to control any Kia with remote hardware, even without an active Kia Connect subscription. The vulnerabilities exposed personal info and allowed attackers to remotely control vehicles or add themselves as users without the owner's knowledge. Read more...