It is possible to control a car remotely by using the car license plate ?

Security researcher Sam Carey says vulnerabilities in a website dedicated to Kia car owners could have allowed attackers to remotely control millions of vehicles.

These types of problems allow attackers to gain control of the vehicle's main functions in 30 seconds, using just the license plate.

In addition، the vulnerability allows attackers to collect the victim's personal information، such as name, address and email address, as well as phone numbers, without the owner's knowledge.

Carey and three other researchers found that Kia's owners' website executes Internet commands for cars and relies on backend reverse-proxies to redirect commands to an API that is responsible for executing commands.

Researchers have also found that Kia's dealership infrastructure has a similar mechanism that handles requests related to vehicle searches, account searches, vehicle registrations, and other agency functions.

After registering on Kia's dealership website, a link it will be sent via email to new users for registration purposes using the same prompt used when registering on the main portal.

Kia Motors is a South Korean multinational automobile manufacturer headquartered in Seoul, South Korea. It is South Korea's second largest automobile manufacturer and
This vulnerability includes all Kia models built since 2013.