The announcement was made at the Security Analyst Summit 2025 conference: a zero-day vulnerability in a public application of a partner contractor opened the way to unauthorized access to the telematics system, the brain that controls the car and collects data from it. In a real attack scenario, adversaries could force the car to shift gears or switch off the engine while it is moving, directly threatening the safety of the driver and passengers.

Kaspersky discovers serious security vulnerability that threatens the safety of vehicles
According to Kaspersky, the security assessment was conducted remotely and focused on the public services of the manufacturer and its contractor. The experts discovered several access ports exposed to the Internet and a SQL injection vulnerability in the wiki application, which allowed them to extract user data and encrypted passwords. Some of these passwords were recovered, which gave access to the incident tracking system containing sensitive configuration information for the telematics infrastructure, including a file with hashed passwords of server users.
On the connected car system side, the team discovered a misconfigured firewall, exposing internal servers.
Using the obtained credentials, they accessed the file system and were even able to send modified firmware update commands to the telematics controller (TCU).
This gives access to the vehicle's controller area network (CAN), which coordinates the engine, transmission and sensors, meaning many important vehicle functions can be controlled.
“These vulnerabilities stem from common mistakes such as maintaining weak passwords, lacking two-factor authentication and not encrypting sensitive data. Just one weak link in the supply chain can compromise the entire smart car system,” said Artem Zinenko, Head of ICS CERT Security Research and Assessment at Kaspersky.
Kaspersky calls on automakers to strengthen cybersecurity controls, especially with third-party partner infrastructure, to ensure user safety and maintain trust in connected car technology.
Kaspersky's recommendations to contractors and technology partners in the automotive sector:
- Restrict Internet access to web services via VPN, isolating services from the corporate intranet
- Separate web services, so they are not related to the corporate intranet
- Enforce a strict password policy
- Enable two-factor authentication (2FA)
- Encrypt sensitive data
- Integrate the logging system with a SIEM platform (Security Information and Event Management, a system that helps detect abnormal behaviour or cyber attacks early) to monitor and detect incidents in real time
For car manufacturers, Kaspersky recommends restricting access to the telematics platform (system that collects and processes vehicle data) from the vehicle's network, allowing only whitelisted network connections, disabling SSH password login, operating services with the minimum necessary permissions, ensuring the authenticity of control commands sent to the TCU (telematics control unit on the vehicle), and integrating a SIEM platform.
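One way to implement the last of these recommendations, checking the authenticity of control commands before the TCU acts on them, is shown below as an added example; it is not Kaspersky's code nor any manufacturer's. The frame layout, the shared key and the command identifiers are assumptions for illustration; the verifier rejects tampered or forged frames with an HMAC-SHA256 tag and replayed frames with a monotonic counter.

```python
import hmac
import hashlib
import struct

# Constructed demonstration key (assumption). A real TCU would hold a
# per-vehicle key in protected storage, never in source code.
TCU_KEY = bytes.fromhex("00112233445566778899aabbccddeeff"
                        "00112233445566778899aabbccddeeff")

# Hypothetical command identifiers for the example.
CMD_FIRMWARE_UPDATE = 0x10
CMD_SET_PARAM = 0x20


def build_command(key: bytes, counter: int, cmd_id: int, payload: bytes) -> bytes:
    """Backend side. Frame = counter (4 bytes) | cmd_id (1 byte) | payload | tag (32 bytes)."""
    header = struct.pack(">IB", counter, cmd_id)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


class TcuCommandVerifier:
    """TCU side. A frame is accepted only if its tag verifies and its counter is fresh."""
    HEADER_LEN = 5
    TAG_LEN = 32

    def __init__(self, key: bytes):
        self.key = key
        self.last_counter = -1  # highest counter accepted so far

    def verify(self, frame: bytes):
        """Return ((cmd_id, payload), "ok") or (None, reason) for a rejected frame."""
        if len(frame) < self.HEADER_LEN + self.TAG_LEN:
            return None, "malformed"
        body, tag = frame[:-self.TAG_LEN], frame[-self.TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time comparison so a forged tag cannot be guessed byte by byte.
        if not hmac.compare_digest(tag, expected):
            return None, "bad tag"
        counter, cmd_id = struct.unpack(">IB", body[:self.HEADER_LEN])
        # Reject anything at or below the last accepted counter: a captured
        # frame cannot be replayed later to re-trigger the same action.
        if counter <= self.last_counter:
            return None, "replay"
        self.last_counter = counter
        return (cmd_id, body[self.HEADER_LEN:]), "ok"
```

A firmware update command that was not produced with the vehicle's key, or that is replayed from an earlier capture, is dropped before it reaches the controller.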
Source: https://nld.com.vn/phat-hien-lo-hong-zero-day-de-doa-an-toan-he-thong-o-to-ket-noi-toan-cau-196251113092524751.htm