Research from Shubham Shah and Sam Curry reveals Subaru’s STARLINK connected vehicle service contains a vulnerability that permits unrestricted, targeted access to all user accounts and vehicles in the United States, Canada, and Japan.
By exploiting this vulnerability, a malicious actor could obtain sensitive data and control if they also had the victim’s surname and ZIP code, phone number, email address, or license plate. With the listed information, a malicious actor could:
Educational Webinars, Videos & Podcasts: Receive cutting-edge insights and invaluable resources, empowering you to stay ahead in the dynamic world of security.
Empowering Content: At your computer or on-the-go, stay up-to-date when you receive our eNewsletters curated with the latest technology and services that address physical, logical, cyber and enterprise resilience.
Unlimited Article Access: Dive deep into the world of cybersecurity and risk management leadership with unlimited access to our library of online articles.