Hackers turn Nissan LEAF into full-scale RC car, record drivers’ conversations [video]

A team of white hat European hackers using their brains, keyboards, and a couple of bits and baubles from eBay managed to take control of a 2020 Nissan LEAF and violate just about every privacy and safety regulation in the process.

The best part: they recorded the whole thing.

Budapest-based cybersecurity experts PCAutomotive were able to exploit a number of vulnerabilities in a 2020 Nissan LEAF that enabled the white hat team to geolocate and track the car, record the texts and conversations happening inside the car, playing media back through the car’s speakers, and even (this is the genuinely terrifying dangerous part) turning the steering wheel while the car was moving. (!?)

Maybe the scariest part of this hack, however, is how seemingly easy it was to pull off by starting with a “test bench simulator” built using parts from eBay and exploiting a vulnerability in the LEAF’s DNS C2 channel and Bluetooth protocol.

Advertisement – scroll for more content

The PCAutomotive team gave a hugely detailed 118-page presentation of their exploit at black hat Asia 2025, which we’ve included at the bottom of this post, in case the original link goes dead. If you’re into that sort of thing, the fun stuff starts around page 27. And, if you’re not, just know that all the vulnerabilities were disclosed to Nissan and its suppliers between 02AUG2023 and 12SEP2024 (p. 116/118), and the “attack” itself can be seen in the video below that. Enjoy!

Summary of vulnerabilities

• CVE-2025-32056 – Anti-Theft bypass
• CVE-2025-32057 – app_redbend: MiTM attack
• CVE-2025-32058 – v850: Stack Overflow in CBR processing
• CVE-2025-32059 – Stack buffer overflow leading to RCE [0]
• CVE-2025-32060 – Absence of a kernel module signature verification
• CVE-2025-32061 – Stack buffer overflow leading to RCE [1]
• CVE-2025-32062 – Stack buffer overflow leading to RCE [2]
• PCA_NISSAN_009 – Improper traffic filtration between CAN buses
• CVE-2025-32063 – Persistence for Wi-Fi network
• PCA_NISSAN_012 – Persistence through CVE-2017-7932 in HAB of i.MX 6

Remote exploitation of Nissan LEAF

Electrek’s Take

This is one of those posts that, on the bright side, does a great job explaining how a remote operator can “log in” to a vehicle and steer it out of trouble when a weird or edge-case-type situation pops up.

Unfortunately, this is also one of those posts that some of the more clueless anti-EV hysterics will point to and say, “See!? EVs can get hacked!” But the reality is that virtually any car with electric power steering (EPS), electronic throttle controls, brake-by-wire, etc. can be hacked in a similar way. But, while steering a target’s car into an oncoming semi might be a great way to pull off a covert CIA assassination, the more worrying issue here is the breach of privacy and recording – unless you want to spend some time in El Salvadoran prison, I guess.

Remember, kids: Big Brother is watching you.

SOURCE | IMAGES: black hat.

If you’re considering going solar, it’s always a good idea to get quotes from a few installers. To make sure you find a trusted, reliable solar installer near you that offers competitive pricing, check out EnergySage, a free service that makes it easy for you to go solar. It has hundreds of pre-vetted solar installers competing for your business, ensuring you get high-quality solutions and save 20-30% compared to going it alone. Plus, it’s free to use, and you won’t get sales calls until you select an installer and share your phone number with them. 

Your personalized solar quotes are easy to compare online and you’ll get access to unbiased Energy Advisors to help you every step of the way. Get started here.