Nissan: Difference between revisions

(5 intermediate revisions by 4 users not shown)

Line 3:

|Founded = 1933

|Industry = Automotive

|Logo = Nissan ~~Motor Corporation 2020~~ logo~~-local file~~.svg

|Logo = Nissan logo.svg

|ParentCompany =

|Type = Public

Line 15:

*'''Arbitration:''' Nissan's [[EULA]] requires disputes to be settled by [[Forced arbitration|arbitration]].{{Cite web |author= |title=Nissan Vehicle Software End User License Agreement |url=https://www.nissan.ca/content/dam/Nissan/Canada/software/Nissan-Vehicle-Software-End-User-License-Agreement.pdf |website=Nissan |date= |access-date=3 Mar 2026 |url-status=live |archive-url=https://web.archive.org/web/20240219124518/https://www.nissan.ca/content/dam/Nissan/Canada/software/Nissan-Vehicle-Software-End-User-License-Agreement.pdf |archive-date=19 Feb 2024}}</ref>

*'''Arbitration:''' Nissan's [[EULA]] requires disputes to be settled by [[Forced arbitration|arbitration]].{{Cite web |author= |title=Nissan Vehicle Software End User License Agreement |url=https://www.nissan.ca/content/dam/Nissan/Canada/software/Nissan-Vehicle-Software-End-User-License-Agreement.pdf |website=Nissan |date= |access-date=3 Mar 2026 |url-status=live |archive-url=https://web.archive.org/web/20240219124518/https://www.nissan.ca/content/dam/Nissan/Canada/software/Nissan-Vehicle-Software-End-User-License-Agreement.pdf |archive-date=19 Feb 2024}}<nowiki></ref></nowiki>

*'''Cost of software updates:''' It is up to Nissan's discretion if certain software updates are offered for free or are withheld until certain fees are paid.<ref>{{Cite web |author= |title=NissanConnect® {{!}} Vehicle Software |url=https://www.nissan.ca/services/apps/nissan-connect/software.html |website=Nissan |date= |access-date=3 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20250920213457/https://www.nissan.ca/services/apps/nissan-connect/software.html |archive-date=20 Sep 2025 |quote=Additionally, updates or modifications to Software may be made available by Nissan for download and installation by owners from time to time, either on a complimentary or for-fee basis, as determined by Nissan in its sole discretion.}}</ref>

Line 34:

===Safety issues with the NissanConnect EV app (''2025'')===

Researchers at Black Hat Asia 2025 have found issues within the NissanConnectEV app, since it relied upon a Vehicle Identification Number to communicate with the user and to authenticate communications, and this number proved to be easy to reverse-engineer. This allowed hackers to easily access the app.<ref>{{Cite web |last=Pokharel |first=Bijay |title=Researchers Hack Nissan Leaf Remotely, Exposing Major Security Flaws in Car App |url=https://www.abijita.com/researchers-hack-nissan-leaf-remotely-exposing-major-security-flaws-in-car-app/ |website=Abijita Foundation |date=8 Apr 2025 |access-date=3 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20251018194523/https://www.abijita.com/researchers-hack-nissan-leaf-remotely-exposing-major-security-flaws-in-car-app/ |archive-date=18 Oct 2025}}</ref><ref>{{Cite web |last=Mearian |first=Lucas |title=Hackers can access the Nissan Leaf via insecure APIs |url=https://www.csoonline.com/article/554905/hackers-can-access-the-nissan-leaf-via-insecure-apis.html |website=CSO |date=24 Feb 2016 |access-date=3 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20231204030039/https://www.csoonline.com/article/554905/hackers-can-access-the-nissan-leaf-via-insecure-apis.html |archive-date=4 Dec 2023}}</ref><ref>{{Cite web |author= |title=Critical Security Vulnerabilities Found in Nissan Leaf: Remote Hacking Demonstrated |url=https://www.security.land/critical-security-vulnerabilities-found-in-nissan-leaf-remote-hacking-demonstrated/ |website=Security Land |date=14 Apr 2025 |access-date=3 Mar 2026 |url-status=live |archive-url=https://web.archive.org/web/20260304055732/https://www.security.land/critical-security-vulnerabilities-found-in-nissan-leaf-remote-hacking-demonstrated/ |archive-date=4 Mar 2026}}</ref><ref>{{Cite web |last=Kovacs |first=Eduard |title=API Flaw Exposes Nissan LEAF Cars to Remote Attacks |url=https://www.securityweek.com/api-flaw-exposes-nissan-leaf-cars-remote-attacks/ |website=Security Week |date=24 Feb 2016 |access-date=3 Mar 2026 |url-status=live |archive-url=https://web.archive.org/web/20160227082244/https://www.securityweek.com/api-flaw-exposes-nissan-leaf-cars-remote-attacks/ |archive-date=27 Feb 2016}}</ref>

===NissanConnect EV app discontinuation (2026)===

In early 2026, Nissan informed affected customers that the NissanConnect EV app will cease operating as of March 30th 2026. Owners of Nissan Leaf electric cars produced before May 2019 and the e-NV200 van (produced until 2022) will no longer be able to use the remote features of their vehicles. <ref>{{Cite web |last=Wood |first=Zoe |date=2026-03-14 |title=‘Shockingly bad’: Nissan Leaf drivers voice anger over app shutdown |url=https://www.theguardian.com/environment/2026/mar/14/nissan-leaf-app-shutdown-nissanconnect-ev-app |archive-url=https://web.archive.org/web/20260314104114/https://www.theguardian.com/environment/2026/mar/14/nissan-leaf-app-shutdown-nissanconnect-ev-app |archive-date=2026-03-14 |access-date=2026-03-14 |website=The Guardian}}</ref>

===NissanConnect security vulnerability (2016)===

In February 2016, security researcher Troy Hunt disclosed that the NissanConnect EV API had no authentication. The API identified vehicles using only the last five digits of the Vehicle Identification Number (VIN), and requests were completely anonymous. Anyone with a smartphone could remotely activate climate control, view GPS logs, and monitor battery status on any of the approximately 200,000 affected Leaf and e-NV200 vehicles worldwide.<ref name="threatpost-hunt">{{Cite web |last=Zorz |first=Zeljka |date=2016-02-26 |title=Troy Hunt Explains Nissan Leaf Car Hack |url=https://threatpost.com/total-recall-troy-hunt-breaks-down-his-nissan-hack/116497/ |access-date=2026-03-25 |website=Threatpost}}</ref>

Hunt demonstrated the vulnerability by remotely activating the climate control on a colleague's car in the UK from his location in Australia. He had spent over a month attempting to notify Nissan before going public. Nissan took the app offline and didn't restore it for several months.<ref name="threatpost-hunt" />

==Products==

Line 39:

Line 47:

==See also==

~~{{Ph-C-SA}}~~

* [[BMW]]

* [[Tesla]]

* [[Toyota]]

==References==

Line 46:

Line 57:

[[Category:Nissan]]

[[Category:Companies]]

[[Category:Companies using forced arbitration clauses]]

@@ Line 3: / Line 3: @@
 |Founded = 1933
 |Industry = Automotive
-|Logo = Nissan Motor Corporation 2020 logo-local file.svg
+|Logo = Nissan logo.svg
 |ParentCompany =
 |Type = Public
@@ Line 15: / Line 15: @@
 {{Ph-C-CIS}}
-*'''Arbitration:''' Nissan's [[EULA]] requires disputes to be settled by [[Forced arbitration|arbitration]].{{Cite web |author= |title=Nissan Vehicle Software End User License Agreement |url=https://www.nissan.ca/content/dam/Nissan/Canada/software/Nissan-Vehicle-Software-End-User-License-Agreement.pdf |website=Nissan |date= |access-date=3 Mar 2026 |url-status=live |archive-url=https://web.archive.org/web/20240219124518/https://www.nissan.ca/content/dam/Nissan/Canada/software/Nissan-Vehicle-Software-End-User-License-Agreement.pdf |archive-date=19 Feb 2024}}</ref>
+*'''Arbitration:''' Nissan's [[EULA]] requires disputes to be settled by [[Forced arbitration|arbitration]].{{Cite web |author= |title=Nissan Vehicle Software End User License Agreement |url=https://www.nissan.ca/content/dam/Nissan/Canada/software/Nissan-Vehicle-Software-End-User-License-Agreement.pdf |website=Nissan |date= |access-date=3 Mar 2026 |url-status=live |archive-url=https://web.archive.org/web/20240219124518/https://www.nissan.ca/content/dam/Nissan/Canada/software/Nissan-Vehicle-Software-End-User-License-Agreement.pdf |archive-date=19 Feb 2024}}<nowiki></ref></nowiki>
 *'''Cost of software updates:''' It is up to Nissan's discretion if certain software updates are offered for free or are withheld until certain fees are paid.<ref>{{Cite web |author= |title=NissanConnect® {{!}} Vehicle Software |url=https://www.nissan.ca/services/apps/nissan-connect/software.html |website=Nissan |date= |access-date=3 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20250920213457/https://www.nissan.ca/services/apps/nissan-connect/software.html |archive-date=20 Sep 2025 |quote=Additionally, updates or modifications to Software may be made available by Nissan for download and installation by owners from time to time, either on a complimentary or for-fee basis, as determined by Nissan in its sole discretion.}}</ref>
@@ Line 34: / Line 34: @@
 ===Safety issues with the NissanConnect EV app (''2025'')===
 Researchers at Black Hat Asia 2025 have found issues within the NissanConnectEV app, since it relied upon a Vehicle Identification Number to communicate with the user and to authenticate communications, and this number proved to be easy to reverse-engineer. This allowed hackers to easily access the app.<ref>{{Cite web |last=Pokharel |first=Bijay |title=Researchers Hack Nissan Leaf Remotely, Exposing Major Security Flaws in Car App |url=https://www.abijita.com/researchers-hack-nissan-leaf-remotely-exposing-major-security-flaws-in-car-app/ |website=Abijita Foundation |date=8 Apr 2025 |access-date=3 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20251018194523/https://www.abijita.com/researchers-hack-nissan-leaf-remotely-exposing-major-security-flaws-in-car-app/ |archive-date=18 Oct 2025}}</ref><ref>{{Cite web |last=Mearian |first=Lucas |title=Hackers can access the Nissan Leaf via insecure APIs |url=https://www.csoonline.com/article/554905/hackers-can-access-the-nissan-leaf-via-insecure-apis.html |website=CSO |date=24 Feb 2016 |access-date=3 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20231204030039/https://www.csoonline.com/article/554905/hackers-can-access-the-nissan-leaf-via-insecure-apis.html |archive-date=4 Dec 2023}}</ref><ref>{{Cite web |author= |title=Critical Security Vulnerabilities Found in Nissan Leaf: Remote Hacking Demonstrated |url=https://www.security.land/critical-security-vulnerabilities-found-in-nissan-leaf-remote-hacking-demonstrated/ |website=Security Land |date=14 Apr 2025 |access-date=3 Mar 2026 |url-status=live |archive-url=https://web.archive.org/web/20260304055732/https://www.security.land/critical-security-vulnerabilities-found-in-nissan-leaf-remote-hacking-demonstrated/ |archive-date=4 Mar 2026}}</ref><ref>{{Cite web |last=Kovacs |first=Eduard |title=API Flaw Exposes Nissan LEAF Cars to Remote Attacks |url=https://www.securityweek.com/api-flaw-exposes-nissan-leaf-cars-remote-attacks/ |website=Security Week |date=24 Feb 2016 |access-date=3 Mar 2026 |url-status=live |archive-url=https://web.archive.org/web/20160227082244/https://www.securityweek.com/api-flaw-exposes-nissan-leaf-cars-remote-attacks/ |archive-date=27 Feb 2016}}</ref>
+===NissanConnect EV app discontinuation (2026)===
+In early 2026, Nissan informed affected customers that the NissanConnect EV app will cease operating as of March 30th 2026. Owners of Nissan Leaf electric cars produced before May 2019 and the e-NV200 van (produced until 2022) will no longer be able to use the remote features of their vehicles. <ref>{{Cite web |last=Wood |first=Zoe |date=2026-03-14 |title=‘Shockingly bad’: Nissan Leaf drivers voice anger over app shutdown |url=https://www.theguardian.com/environment/2026/mar/14/nissan-leaf-app-shutdown-nissanconnect-ev-app |archive-url=https://web.archive.org/web/20260314104114/https://www.theguardian.com/environment/2026/mar/14/nissan-leaf-app-shutdown-nissanconnect-ev-app |archive-date=2026-03-14 |access-date=2026-03-14 |website=The Guardian}}</ref>
+===NissanConnect security vulnerability (2016)===
+In February 2016, security researcher Troy Hunt disclosed that the NissanConnect EV API had no authentication. The API identified vehicles using only the last five digits of the Vehicle Identification Number (VIN), and requests were completely anonymous. Anyone with a smartphone could remotely activate climate control, view GPS logs, and monitor battery status on any of the approximately 200,000 affected Leaf and e-NV200 vehicles worldwide.<ref name="threatpost-hunt">{{Cite web |last=Zorz |first=Zeljka |date=2016-02-26 |title=Troy Hunt Explains Nissan Leaf Car Hack |url=https://threatpost.com/total-recall-troy-hunt-breaks-down-his-nissan-hack/116497/ |access-date=2026-03-25 |website=Threatpost}}</ref>
+Hunt demonstrated the vulnerability by remotely activating the climate control on a colleague's car in the UK from his location in Australia. He had spent over a month attempting to notify Nissan before going public. Nissan took the app offline and didn't restore it for several months.<ref name="threatpost-hunt" />
 ==Products==
@@ Line 39: / Line 47: @@
 ==See also==
-{{Ph-C-SA}}
+* [[BMW]]
+* [[Tesla]]
+* [[Toyota]]
 ==References==
@@ Line 46: / Line 57: @@
 [[Category:Nissan]]
 [[Category:Companies]]
+[[Category:Companies using forced arbitration clauses]]