Sign In

Communications of the ACM

ACM TechNews

Security Researchers Say They Hacked California's Digital License Plates

View as: Print Mobile App Share:
Reviver sells a thing called the RPlate, or a smart plate.

Reviver told Motherboard it had patched the software vulnerabilities that allowed for the intrusion to take place.

Credit: Justin Sullivan/Getty Images

Security researcher Sam Curry and colleagues identified a vulnerability in the app and website of Reviver, a company that sells digital license plates in California, Arizona, and Michigan.

Taking advantage of the vulnerability, Curry gained "full super administrative access" to "all user accounts and for all Reviver connected vehicles."

With such access, the researchers could track registered users' GPS locations, manipulate RPlate data, and report vehicles as stolen.

Said Curry, "An actual attacker could remotely update, track, or delete anyone's Reviver plate. We could additionally access any dealer (e.g. Mercedes-Benz dealerships will often package Reviver plates) and update the default image used by the dealer when the newly purchased vehicle still had dealer tags."

From Gizmodo
View Full Article


Abstracts Copyright © 2023 SmithBucklin, Washington, DC, USA


No entries found