Coursera Spring Sale
40% Off Coursera Plus Annual!
Grab it
Explore critical vulnerabilities discovered in automotive dealer platform software that could have compromised vehicle security and customer privacy on a national scale. Learn how researchers uncovered API flaws in a centralized dealer system used by over 1,000 dealerships across the USA, demonstrating how these vulnerabilities enabled the creation of unauthorized national admin accounts with extensive privileges. Discover the full exploitation process from initial reconnaissance to gaining access, including techniques for remotely starting vehicles using only owner names, accessing personal information through VIN lookups, bypassing two-factor authentication systems through user impersonation functions, and reassigning vehicle ownership through enrollment system manipulation. Understand the interconnected nature of automotive dealer platforms and manufacturers, examine the security implications of centralized dealer management systems, and gain insights into how seemingly isolated dealer software can create unexpected attack vectors to connected vehicles and sensitive customer data.
