A pair of researchers developed an exploit that allows them to override the user controls of electric skateboards made by the company Boosted.
Richard Healey and Mike Ryan developed an attack, dubbed Faceplant, which allows an attacker to gain control the board’s speed, direction, braking system and even upload arbitrary code, according to Wired.
The duo discovered that manufactures did not encrypt the connection between the board and its remote controller after Healey’s own electric board was forced to stop by a flood of Bluetooth interference signals.
Healey and Ryan reported their findings to Boosted last September but the company has yet to issue a patch. Boosted did inform the researchers that it will have a mitigation technique in place before the duo gives a presentation on the exploit at the DEF CON 2015 Conference this Saturday.
The duo also found critical vulnerabilities in boards made by Revo and Yuneec that stemmed from a lack of encryption.