PCAutomotive at Black Hat Asia 2025 – Presenting Groundbreaking Automotive Security Research

The Growing Importance of Automotive Cybersecurity 

As vehicles become more connected and software-driven, cyber threats targeting automotive systems are increasing. Vulnerabilities in infotainment systems, ECUs, and wireless communication protocols pose serious risks, making automotive cybersecurity research more critical than ever. 

At Black Hat Asia 2025, one of the world’s premier cybersecurity conferences, PCAutomotive’s security researchers will present groundbreaking research on automotive system vulnerabilities. 

What to Expect from PCAutomotive at Black Hat Asia 2025 

Our experts will unveil new research about asia 25/briefings/schedule/index on remote exploitation techniques that could impact connected vehicles and embedded systems. The briefing titled: “Remote Exploitation of the Nissan Leaf: Controlling Critical Body Elements from the Internet “ will focus on: 

As the automotive industry navigates UNECE R155, ISO 21434, and other cybersecurity regulations, our research helps OEMs, Tier-1 suppliers, and mobility providers stay ahead of emerging threats. 

Meet Us at Black Hat Asia 2025 

We’re not just presenting – we’re exhibiting at Booth #513, where visitors can explore our penetration testing, automotive threat intelligence, and cybersecurity solutions.

Visit PCAutomotive at Black Hat Asia 2025

Briefing Title: Remote Exploitation of Nissan Leaf: Controlling Critical Body Elements from the Internet 

Briefing Extract

Today's vehicles are evolving rapidly, with a rising number of electric models and an expanding array of digital technologies, such as onboard Wi-Fi, Bluetooth, and USB connectivity. These advancements are making cars increasingly connected and technologically complex. However, most vehicles still have largely proprietary internal systems, which, coupled with the critical importance of automotive safety, makes them a significant area of focus for security research.

This talk explores our successful remote compromise of a 2020 Nissan Leaf, demonstrating how vulnerabilities in the vehicle's connected systems can be exploited to gain control over critical body functions. Our approach began by exploiting weaknesses in Bluetooth to infiltrate the internal network, followed by bypassing the secure boot process to escalate access. Establishing a Command and Control (C2) channel over DNS allowed us to maintain a covert, persistent link with the vehicle, enabling full remote control. By compromising an independent communication CPU, we could interface directly with the CAN bus, which governs critical body elements, including mirrors, wipers, door locks, and even the steering.

Given the serious safety implications, discussing these vulnerabilities is essential for advancing vehicle cybersecurity. In this session, we'll share technical insights into each stage of the compromise—from initial access and command execution to bypassing gateway filters. Our findings underscore the urgent need for improved protections in connected vehicles to safeguard against remote exploitation.

Briefing Date and Time:  Friday, April 4 | 3:20pm-4:00pm

Exhibition: April 3-4, 2025 (Booth #513)

Stay ahead of automotive cyber threats – meet our team in Singapore!