Automotive Zero-Day Vulnerability Advisories
The following is a list of automotive vulnerabilities discovered by researchers through Trend Micro’s Zero Day Initiative (ZDI) that are yet to be publicly disclosed. This initial list comprises zero-day vulnerabilities discovered at Pwn2Own Automotive, hosted by VicOne with the ZDI. For each vulnerability, the affected vendor has been contacted and is expected to develop a patch. While the vendors work on patches for these vulnerabilities, VicOne customers are protected from exploitation by virtual patches delivered ahead of public disclosure. These vulnerabilities are handled according to the ZDI Disclosure Policy.
ZDI CAN | Target | Category | Type | State |
---|
VicOne: Protection Beyond Others’
Against Automotive Zero-Day Vulnerabilities
VicOne’s best-in-class automotive threat intelligence includes early access to vital information on automotive zero-day vulnerabilities, thanks to VicOne’s pioneering partnership with the ZDI. As a result, VicOne’s range of products can detect automotive zero-day vulnerabilities, such as those discovered at Pwn2Own Automotive, even before they are publicly disclosed. By offering early detection capabilities, VicOne empowers automotive OEMs, suppliers, and stakeholders to determine whether their components or systems are vulnerable and to proactively assess risks and potential business impacts ahead of competitors.
VicOne: Accelerating Automotive
Zero-Day Vulnerability Discovery
Brings attention to the ever-expanding connected car attack surface, thereby highlighting the urgency of fortifying the industry against emerging and evolving threats.
Emphasizes the importance of safeguarding the complex components and technologies that make up the modern connected vehicle, paving the way for more robust and resilient cybersecurity protection.
Goes beyond vulnerability disclosures by forging strategic connections and collaborations among security researchers and automotive stakeholders, in a community where groundbreaking discoveries are duly recognized and acted upon.
More Insights Into Automotive
Zero-Day Vulnerabilities From VicOne
- Read MoreBlogApril 8, 2024The NIST IR 8473 cybersecurity framework profile marks a shift in scope from individual chargers to the entire charging infrastructure. This expanded scope suggests that electric vehicle supply equipment manufacturers and charge point operators need to consider cybersecurity from an industry-level risk-based approach rather than focusing solely on individual IoT devices.