Subaru Starlink Vulnerability Exposed Vehicles to Hijacking Risks
/ 1 min read
🚗🔓 Subaru’s Starlink service vulnerability exposed vehicles to potential hijacking. Security researchers uncovered a significant flaw in Subaru’s Starlink service that could allow attackers to track and control vehicles in the U.S., Canada, and Japan using only a license plate. Discovered by bug bounty hunter Sam Curry and researcher Shubham Shah, the vulnerability enabled unauthorized access to customer accounts and vehicle data with minimal information, such as a last name and ZIP code. Exploitation could lead to remote control of vehicles, retrieval of location history, and access to personal information. Fortunately, Subaru addressed the issue within 24 hours of being notified, and there is no evidence that the flaw was exploited before the patch.
