Official announcements from Kia, major news outlets

Researchers Find Critical Flaw in Kia's Web Portal Allowing Remote Control of Vehicles Using License Plate

Sep 26, 2024, 04:00 PM

Researchers have discovered a critical vulnerability in Kia's web portal that allowed hackers to remotely control millions of vehicles. The flaw enabled attackers to track cars, unlock doors, start engines, and even honk the horn using only the license plate number or VIN. This vulnerability affected almost all Kia vehicles made after 2013. Kia has reportedly fixed the issue, but similar bugs have been found in a dozen other carmakers over the past two years. The cybersecurity flaw could have been exploited in as little as 30 seconds, accessing sensitive data and posing significant risks to vehicle owners. Researchers demonstrated the hack by infiltrating Kia's dealership website.