Nissan Leaf - vulnerable APIs

Leaf Interest Group
Post Reply
tassie_tiger
Groupie
Posts: 119
Joined: Mon, 16 Jun 2008, 14:58
Real Name: Andrew
Contact:

Nissan Leaf - vulnerable APIs

Post by tassie_tiger » Fri, 26 Feb 2016, 13:24

"What the workshop attendee ultimately discovered was that not only could he connect to his LEAF over the internet and control features independently of how Nissan had designed the app, he could control other people’s LEAFs."

more, including video:

http://www.troyhunt.com/2016/02/control ... issan.html
My hobby interests are EV's and competitions. aeva.asn.au for ev's and www.lottos.com.au for competitions. If your partner complains about you ev'ing, send 'em to lottos!

mikedufty
Senior Member
Posts: 628
Joined: Tue, 02 Dec 2008, 00:15
Real Name: Michael Dufty
Location: Perth, Western Australia
Contact:

Nissan Leaf - vulnerable APIs

Post by mikedufty » Fri, 26 Feb 2016, 17:21

It doesn't seem particularly dangerous, the worst it seems is to allow people to turn on your airconditioning for 15 minutes.

Quite concerning that they don't seem to have made any attempt whatsoever to secure the communications though.

Post Reply