Security experts find car vulnerabilities that affect almost every car brand in the world

According to reports, security experts have recently discovered security vulnerabilities affecting millions of cars, affecting almost all major car brands in the world.

Hackers can exploit vulnerabilities in car telematics systems, car APIs, and supporting infrastructure to do a variety of things and even take over your car completely remotely.

Car brands such as Mercedes-Benz, BMW, Rolls-Royce, Ferrari, Ford, Porsche, Toyota, Jaguar and Land Rover are affected, as well as fleet management company Spireon and digital license plate company Reviver.

According to reports, Sam Curry of Yuga Lab discovered vulnerabilities in multiple Hyundai and Genesis models during his research on cracking cars, and found that Sirius XM's Connected Vehicle Services vulnerability affects Honda, Nissan, Infiniti and Acuras.

Curry said: "The affected companies all fixed these issues within a day or two of reporting. We are working with all of these companies to verify them and ensure that these vulnerabilities cannot be bypassed."

Based on Curry's vulnerability research, security experts have successively discovered multiple security vulnerabilities with a wide range of effects. From a public safety perspective, the most serious vulnerabilities were discovered in Spireon.

The company owns several GPS vehicle tracking and fleet management brands, including OnStar, GoldStar, LoJack, FleetLocate and NSpire, covering 15 million connected vehicles.

"This will allow us to track and disable starters for police, ambulance and law enforcement vehicles in a number of different large cities, and issue commands to these vehicles," the researchers wrote.

An attacker could even send arbitrary commands to all 15 million cars from this panel to remotely unlock doors, honk the horn, start the engine, and disable the starter.

At present, the car companies affected by the vulnerability have not provided any further explanations.