Nissan Leaf EV’s security vulnerability unveiled

It has been reported by Troy Hunt, a prominent security researcher, that some of Nissan’s Leaf cars can be easily hacked, allowing hijackers to alter the heating and air-conditioning systems.

Hunt claimed that a flaw in the electric vehicle’s (EV) company app meant data regarding the drivers’ recent journeys could be accessed by external sources. The security researcher said he had given the firm one month to fix the issue before he decided to make it public.

While Nissan have said there is no safety threat, Hunt advised Leaf owners to disable their Nissan CarWings account to avoid the risk. he warned that hackers could exploit the app’s vulnerability to cause mischief by running down people’s batteries.

In an interview with the BBC, he said: "The right thing to do at the moment would be for Nissan to turn it off altogether. They are going to have to let customers know. And to be honest, a fix would not be hard to do. It's not that they have done authorisation [on the app] badly, they just haven't done it at all, which is bizarre."

A spokeswoman for Nissan assured that the manufacturer was tackling the issue. She said: "Nissan is aware of a data issue relating to the NissanConnect EV app that impacts the climate control and state of charge functions. It has no effect whatsoever on the vehicle's operation or safety.

“Our global technology and product teams are currently working on a permanent and robust solution. We are committed to resolving the issue as a matter of priority, ensuring that we deliver the best possible experience for our customers through the app now and in the future.”

Read more