Automotive Zero-Day
Vulnerabilities
Real-World Exploit Intelligence
The Latest Automotive Zero-Day Vulnerability Database
The following is a list of automotive vulnerabilities discovered by researchers through Trend Micro’s Zero Day Initiative (ZDI) that are yet to be publicly disclosed. This initial list comprises zero-day vulnerabilities discovered at Pwn2Own Automotive, hosted by VicOne with the ZDI. For each vulnerability, the affected vendor has been contacted and is expected to develop a patch. These vulnerabilities are handled according to the ZDI Disclosure Policy. The zero-day identifier of a vulnerability refers to the candidate (CAN) number assigned to the vulnerability by the ZDI.
| Zero-day identifier | CVE | Affected vendor | Category | Impact |
|---|
Want to know if you’ve been impacted?
Contact us to assess risks
Gain Advantage With
Unique Zero-Day Insights
VicOne’s best-in-class automotive threat intelligence includes early access to vital information on automotive zero-day vulnerabilities:
- Gain Early Warning: We empower OEMs, suppliers, and stakeholders with risk assessment capabilities. We will assess whether your components or software versions are impacted by zero-day vulnerabilities ahead of competitors, allowing for better resource allocation during planning. This approach complies with the spirit of ISO/SAE 21434 by helping you monitor newly emerged vulnerabilities.
- Gain Early Protection: We will evaluate how to collaborate with you based on attack tactics, techniques, and procedures to create effective virtual patches for safeguarding your system.
Want to know if you’ve been impacted?
Contact us to assess risks
No. 1
in vulnerability discovery and disclosure since 2007*
5+ years
of partnership with Tesla for Pwn2Own, starting in 2017
*Source: Omdia Research: Quantifying the Public Vulnerability Market: 2022 Edition
More Insights Into Automotive
Zero-Day Vulnerabilities From VicOne
- Read More
BlogJuly 4, 2024A software provider for automotive dealerships recently fell victim to a ransomware attack, causing widespread outages and crippling operations for thousands of car dealers. We examine the far-reaching implications of this incident on the automotive supply chain, outline critical lessons learned, and provide strategic security recommendations for automotive stakeholders. - Read More
BlogJune 19, 2024In this second part of our series on vehicle entry system technology, we focus on its most recent iteration, the ultra-wideband (UWB) protocol. We cover its advantages, the potential vulnerabilities it carries, and the measures that will help secure its integration into vehicles. - Read More
BlogJune 11, 2024VicOne has partnered with the Automotive Security Research Group (ASRG) to launch AutoVulnDB, an innovative database focused on automotive vulnerabilities. This initiative provides exceptional coverage of automotive threat intelligence, establishing VicOne as the industry leader in comprehensive vulnerability management.
