A security flaw has been discovered in SiriusXM Connected Vehicle Services that has left many automakers’ vehicles vulnerable to a hacker attack. Automotive News United States, the researchers were able to control many functions, including unlocking the doors and starting the engine. The problem would have been corrected.
The issue was initially discovered by software security researchers who were snooping on a 2022 Hyundai Sonata Hybrid. An unspecified flaw in the computer code allowed researchers to locate the car, activate the horn, lights, door locks door and start the engine, provided they have the vehicle identification number (VIN). The steering, throttle, brakes and systems needed to drive the car remotely were not accessible.
Using this information, the researchers accessed models from Honda, Toyota, and Nissan in the same way. Further analysis of the issue revealed the issue with SiriusXM Connected Services, which offers a range of remote assistance including automatic collision notification, vehicle monitoring and stolen vehicle recovery, geofencing, and more.
According to the SiriusXM Connected Services website, the company has programs with 15 OEMs, offers more than 50 connected services, and is active on more than 12 million vehicles. No other automakers besides Honda, Toyota, Nissan and Hyundai were mentioned in the report.
Once the flaw was discovered, researchers notified SiriusXM and the automakers. In a statement to Automotive News, SiriusXM said the issue was “resolved within 24 hours of submitting the report. At no time was any subscriber or other data compromised, and no unauthorized accounts were modified at any time.” using this method”. Statements from Hyundai and Honda indicated that there were no known malicious actions or compromised accounts resulting from the issue.
As wireless technology evolves in the automotive field, the question of security continues to arise. In early 2022, a 19-year-old hacker was able to take control of Tesla vehicles and reported the issue to Tesla. There was a pretty big incident in 2015 where a Jeep Cherokee was remotely hacked. However, this is not just a concern for modern connected systems. A 2019 study highlighted how signals from remote key fobs can be intercepted and used to unlock or start vehicles.
