Particle.news
Download on the App Store
3 ARTICLES
·
4d ago

Nissan Releases Patch to Close Infotainment Hack in 2020 Leaf

A Bluetooth flaw in the electric hatchback’s infotainment system enabled remote code execution through several tracked CVEs.

Image
A driver seat perspective of a steering wheel turning without the driver's direct control.
Image

Overview

  • Researchers at PCA Cyber Security used 2.4 GHz signal jamming to trick drivers into opening the Bluetooth pairing menu, allowing hijacking of the infotainment system.
  • Vulnerabilities span CVE-2025-32056 through CVE-2025-32063, covering an anti-theft bypass and multiple stack buffer overflows that enable remote code execution.
  • Once exploited, attackers could manipulate steering, brakes, wipers and mirrors, record in-cabin audio and track the vehicle via GPS.
  • PCA Cyber Security responsibly disclosed the flaw before presenting at Black Hat Asia, giving Nissan time to develop a firmware patch.
  • Nissan has released the firmware update, urging all 2020 Leaf owners to install it immediately to mitigate potential hacking risks.