Automotive Zero-Day
Vulnerabilities
Real-World Exploit Intelligence
The Latest Automotive Zero-Day Vulnerability Database
The following is a list of automotive vulnerabilities discovered by researchers through Trend Micro’s Zero Day Initiative (ZDI) that are yet to be publicly disclosed. This initial list comprises zero-day vulnerabilities discovered at Pwn2Own Automotive, hosted by VicOne with the ZDI. For each vulnerability, the affected vendor has been contacted and is expected to develop a patch. These vulnerabilities are handled according to the ZDI Disclosure Policy. The zero-day identifier of a vulnerability refers to the candidate (CAN) number assigned to the vulnerability by the ZDI.
| Zero-day identifier | CVE | Category | Impact |
|---|
Want to know if you’ve been impacted?
Contact us to assess risks
Gain Advantage With
Unique Zero-Day Insights
VicOne’s best-in-class automotive threat intelligence includes early access to vital information on automotive zero-day vulnerabilities:
- Gain Early Warning: We empower OEMs, suppliers, and stakeholders with risk assessment capabilities. We will assess whether your components or software versions are impacted by zero-day vulnerabilities ahead of competitors, allowing for better resource allocation during planning. This approach complies with the spirit of ISO/SAE 21434 by helping you monitor newly emerged vulnerabilities.
- Gain Early Protection: We will evaluate how to collaborate with you based on attack tactics, techniques, and procedures to create effective virtual patches for safeguarding your system.
Want to know if you’ve been impacted?
Contact us to assess risks
No. 1
in vulnerability discovery and disclosure since 2007*
5+ years
of partnership with Tesla for Pwn2Own, starting in 2017
*Source: Omdia Research, Quantifying the Public Vulnerability Market: 2024 Edition
