Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Security Strategy, Plan, Budget, Vulnerability Management, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Corvette text vulnerability fix on the way

Mobile Devices said it will soon distribute updates that will fix the security flaw in its On-Board Diagnostics II (OBD-II) dongle which could allow hackers to remotely control the unit via text message.

The vulnerable devices should have an update in place, which will turn on all of a device's built-in security mechanism, within 10 days of an Aug. 12 report in Computerworld. Company policy had been to let integrators decide whether or not to implement the full security package, but that will now be changed and the top level of security available will be activated when the device is deployed into the field.

The change comes in response to hack into a 2013 Corvette's OBD-II port made by Mobile Devices researchers at the University of California at San Diego. They input both innocuous and dangerous commands, turning on the wipers and cutting the brakes.

“As always, before a customer connects a third-party device to the vehicle diagnostic port we encourage the customer to understand the potential effects of the device on their vehicle, including any information that the device may access and any impact that the device may have on the vehicle or its operation,” said Michael Albano, Chevrolet's director of communications, to in a email.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.