Dubai, UAE – At the Security Analyst Summit 2025, global cybersecurity firm Kaspersky revealed alarming findings from its latest security audit, uncovering vulnerabilities in the telematics systems of a major automotive manufacturer. The flaw, found through a contractor’s exposed application, could have allowed attackers to take remote control of vehicles — posing serious risks to driver and passenger safety.
The investigation revealed that by exploiting a zero-day vulnerability in a publicly accessible wiki platform used by one of the manufacturer’s contractors, attackers could gain entry into sensitive systems. Through this breach, Kaspersky’s experts managed to access the contractor’s issue-tracking platform, which contained confidential configuration details and hashed passwords for users connected to the manufacturer’s telematics servers.
Telematics systems are the digital nervous system of connected vehicles, enabling real-time data exchange such as location, speed, and engine diagnostics. Gaining control of this system means gaining control of critical vehicle functions.
On the manufacturer’s side, researchers identified weak password policies, unencrypted data storage, and a lack of two-factor authentication. These weaknesses, combined with misconfigured firewalls, opened a pathway for intruders to move laterally across networks. Using stolen credentials, the researchers accessed the telematics servers and discovered a firmware update command that allowed unauthorized uploads to the Telematics Control Unit (TCU). This exposed the CAN (Controller Area Network) bus, which connects and controls core systems like the engine, transmission, and braking — potentially enabling an attacker to cut the engine or force gear shifts while the car was moving.
According to Artem Zinenko, Head of Kaspersky ICS CERT Vulnerability Research and Assessment, “The vulnerabilities we found are not unique to one company. They highlight systemic cybersecurity issues across the automotive industry — weak access controls, poor contractor security practices, and a lack of robust network isolation. One weak link in a third-party system can compromise an entire fleet of vehicles.”
Kaspersky stressed the need for stronger cybersecurity governance across both manufacturers and contractors.
For contractors, Kaspersky recommends:
- Restricting internet access to web services via VPN
- Isolating external systems from corporate networks
- Enforcing strong password policies and 2FA
- Encrypting all sensitive data
- Integrating real-time SIEM monitoring
For automotive manufacturers, the company suggests:
- Segregating telematics platforms from vehicle networks
- Using allowlists for authorized network interactions
- Disabling SSH password authentication
- Running services with minimal privileges
- Verifying command authenticity in all firmware updates
This case serves as a stark reminder that as vehicles become smarter, cybersecurity becomes as vital as mechanical safety. Kaspersky urges the global automotive sector to treat digital infrastructure with the same diligence applied to physical safety systems, ensuring a secure future for connected mobility.
























