Incident Response, Network Security, TDR, Vulnerability Management

Five years later, GM patches OnStar flaw that allowed remote control of vehicle

After nearly half a decade, General Motors (GM) finally got around to patching an exploit that left millions vulnerable to an attack that could seize almost complete control of a vehicle, Wired reported.

In 2010, researchers at the University of California at San Diego (UCSD) disclosed to both GM and the National Highway and Safety Administration (NHSA) that they had hacked into in the OnStar system of a 2009 Chevy Impala and controlled everything short of the steering wheel. The exploit also existed in other Generation 8 OnStar enabled vehicles.

After learning of the vulnerability GM made several attempts to fix it, but was unsuccessful until November 2014 when the company began pushing out updates without fanfare. GM's chief product cybersecurity officer told Wired that the automaker wasn't prepared for the threat of car hackers in 2010 but has since improved.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.