More specifically, Curry exploited a method that Kia dealers use to assign new cars to owners using Kia's KDealer platform. The vulnerability allowed him to impersonate a Kia dealership trying to ...
The researchers registered a dealer account on Kia's kiaconnect.kdealer.com dealer portal to gain access to this information. Once authenticated, they generated a valid access token that gave them ...
The research — spearheaded by a group of four security experts, who also call themselves "hackers" — uncovered a weakness in the application programming interface that connects kdealer.com ...
In a blog post, Sam detailed how the team was able to access Kia's backend dealer API by registering for a dealer account on Kia's kiaconnect.kdealer.com portal. Once authenticated, they obtained ...
A new proof of concept released this week—simply called Kiatool—is probably the most powerful attack against any Kia we've ...
Curry reportedly figured out the methods dealers use to assign new cars to owners using Kia's KDealer platform. He then found a flaw in the KDealer API, which allowed him to impersonate a dealership ...
Cybersecurity researchers have revealed a series of now-patched vulnerabilities in Kia vehicles that could have provided ...
The crux of the research is that the issues exploit the Kia dealership infrastructure ("kiaconnect.kdealer[.]com") used for vehicle activations to register for a fake account via an HTTP request and ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback