A severe flaw in a major automaker’s dealer portal allowed unauthorized attackers to register for dealer accounts, escalate privileges to a national administrator, and ultimately control vehicles remotely. The vulnerability resides in the portal’s Java/SAP backend and AngularJS frontend, where hidden registration forms could be exposed and abused. Takeaways1. Attackers exposed a hidden registration form […]
The post Critical Vulnerability in Carmaker Portal Let Hackers Unlock the Car Remotely appeared first on Cyber Security News.
This article has been indexed from Cyber Security News
Read the original article: