Critical Vulnerability Allows Total Remote Control of Vehicles

A critical vulnerability has been discovered in SinoTrack GPS devices, which are used in millions of vehicles worldwide. This flaw, documented in the CISA advisory ICSA-25-160-01 (CVE-2025-5484), allows an attacker to take full control of the vehicle, including stopping the engine, disengaging the brakes, and opening the doors. The manufacturer has not responded to warnings for over 45 days.