Consumer Rights Wiki

Nissan: Difference between revisions

← Older edit
VisualWikitext
IronRune (talk | contribs)
confirmed
9 edits
Add section about NissanConnect EV app being discontinued
SinexTitan (talk | contribs)
confirmed, superconfirmed
1,338 edits
population
 
(2 intermediate revisions by 2 users not shown)
Line 3: Line 3:
|Founded = 1933
|Founded = 1933
|Industry = Automotive
|Industry = Automotive
|Logo = Nissan Motor Corporation logo 2020.svg
|Logo = Nissan logo.svg
|ParentCompany =  
|ParentCompany =  
|Type = Public
|Type = Public
Line 35: Line 35:
Researchers at Black Hat Asia 2025 have found issues within the NissanConnectEV app, since it relied upon a Vehicle Identification Number to communicate with the user and to authenticate communications, and this number proved to be easy to reverse-engineer. This allowed hackers to easily access the app.<ref>{{Cite web |last=Pokharel |first=Bijay |title=Researchers Hack Nissan Leaf Remotely, Exposing Major Security Flaws in Car App |url=https://www.abijita.com/researchers-hack-nissan-leaf-remotely-exposing-major-security-flaws-in-car-app/ |website=Abijita Foundation |date=8 Apr 2025 |access-date=3 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20251018194523/https://www.abijita.com/researchers-hack-nissan-leaf-remotely-exposing-major-security-flaws-in-car-app/ |archive-date=18 Oct 2025}}</ref><ref>{{Cite web |last=Mearian |first=Lucas |title=Hackers can access the Nissan Leaf via insecure APIs |url=https://www.csoonline.com/article/554905/hackers-can-access-the-nissan-leaf-via-insecure-apis.html |website=CSO |date=24 Feb 2016 |access-date=3 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20231204030039/https://www.csoonline.com/article/554905/hackers-can-access-the-nissan-leaf-via-insecure-apis.html |archive-date=4 Dec 2023}}</ref><ref>{{Cite web |author= |title=Critical Security Vulnerabilities Found in Nissan Leaf: Remote Hacking Demonstrated |url=https://www.security.land/critical-security-vulnerabilities-found-in-nissan-leaf-remote-hacking-demonstrated/ |website=Security Land |date=14 Apr 2025 |access-date=3 Mar 2026 |url-status=live |archive-url=https://web.archive.org/web/20260304055732/https://www.security.land/critical-security-vulnerabilities-found-in-nissan-leaf-remote-hacking-demonstrated/ |archive-date=4 Mar 2026}}</ref><ref>{{Cite web |last=Kovacs |first=Eduard |title=API Flaw Exposes Nissan LEAF Cars to Remote Attacks |url=https://www.securityweek.com/api-flaw-exposes-nissan-leaf-cars-remote-attacks/ |website=Security Week |date=24 Feb 2016 |access-date=3 Mar 2026 |url-status=live |archive-url=https://web.archive.org/web/20160227082244/https://www.securityweek.com/api-flaw-exposes-nissan-leaf-cars-remote-attacks/ |archive-date=27 Feb 2016}}</ref>
Researchers at Black Hat Asia 2025 have found issues within the NissanConnectEV app, since it relied upon a Vehicle Identification Number to communicate with the user and to authenticate communications, and this number proved to be easy to reverse-engineer. This allowed hackers to easily access the app.<ref>{{Cite web |last=Pokharel |first=Bijay |title=Researchers Hack Nissan Leaf Remotely, Exposing Major Security Flaws in Car App |url=https://www.abijita.com/researchers-hack-nissan-leaf-remotely-exposing-major-security-flaws-in-car-app/ |website=Abijita Foundation |date=8 Apr 2025 |access-date=3 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20251018194523/https://www.abijita.com/researchers-hack-nissan-leaf-remotely-exposing-major-security-flaws-in-car-app/ |archive-date=18 Oct 2025}}</ref><ref>{{Cite web |last=Mearian |first=Lucas |title=Hackers can access the Nissan Leaf via insecure APIs |url=https://www.csoonline.com/article/554905/hackers-can-access-the-nissan-leaf-via-insecure-apis.html |website=CSO |date=24 Feb 2016 |access-date=3 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20231204030039/https://www.csoonline.com/article/554905/hackers-can-access-the-nissan-leaf-via-insecure-apis.html |archive-date=4 Dec 2023}}</ref><ref>{{Cite web |author= |title=Critical Security Vulnerabilities Found in Nissan Leaf: Remote Hacking Demonstrated |url=https://www.security.land/critical-security-vulnerabilities-found-in-nissan-leaf-remote-hacking-demonstrated/ |website=Security Land |date=14 Apr 2025 |access-date=3 Mar 2026 |url-status=live |archive-url=https://web.archive.org/web/20260304055732/https://www.security.land/critical-security-vulnerabilities-found-in-nissan-leaf-remote-hacking-demonstrated/ |archive-date=4 Mar 2026}}</ref><ref>{{Cite web |last=Kovacs |first=Eduard |title=API Flaw Exposes Nissan LEAF Cars to Remote Attacks |url=https://www.securityweek.com/api-flaw-exposes-nissan-leaf-cars-remote-attacks/ |website=Security Week |date=24 Feb 2016 |access-date=3 Mar 2026 |url-status=live |archive-url=https://web.archive.org/web/20160227082244/https://www.securityweek.com/api-flaw-exposes-nissan-leaf-cars-remote-attacks/ |archive-date=27 Feb 2016}}</ref>


=== NissanConnect EV app discontinued (2026) ===
===NissanConnect EV app discontinuation (2026)===
In early 2026, Nissan informed affected customers that the NissanConnect EV app will cease operating as of March 30th 2026. Owners of Nissan Leaf electric cars produced before May 2019 and the e-NV200 van (produced until 2022) will no longer be able to use the remote features of their vehicles. <ref>{{Cite web |last=Wood |first=Zoe |date=2026-03-14 |title=‘Shockingly bad’: Nissan Leaf drivers voice anger over app shutdown |url=https://www.theguardian.com/environment/2026/mar/14/nissan-leaf-app-shutdown-nissanconnect-ev-app |archive-url=https://web.archive.org/web/20260314104114/https://www.theguardian.com/environment/2026/mar/14/nissan-leaf-app-shutdown-nissanconnect-ev-app |archive-date=2026-03-14 |access-date=2026-03-14 |website=The Guardian}}</ref>
In early 2026, Nissan informed affected customers that the NissanConnect EV app will cease operating as of March 30th 2026. Owners of Nissan Leaf electric cars produced before May 2019 and the e-NV200 van (produced until 2022) will no longer be able to use the remote features of their vehicles. <ref>{{Cite web |last=Wood |first=Zoe |date=2026-03-14 |title=‘Shockingly bad’: Nissan Leaf drivers voice anger over app shutdown |url=https://www.theguardian.com/environment/2026/mar/14/nissan-leaf-app-shutdown-nissanconnect-ev-app |archive-url=https://web.archive.org/web/20260314104114/https://www.theguardian.com/environment/2026/mar/14/nissan-leaf-app-shutdown-nissanconnect-ev-app |archive-date=2026-03-14 |access-date=2026-03-14 |website=The Guardian}}</ref>
===NissanConnect security vulnerability (2016)===
In February 2016, security researcher Troy Hunt disclosed that the NissanConnect EV API had no authentication. The API identified vehicles using only the last five digits of the Vehicle Identification Number (VIN), and requests were completely anonymous. Anyone with a smartphone could remotely activate climate control, view GPS logs, and monitor battery status on any of the approximately 200,000 affected Leaf and e-NV200 vehicles worldwide.<ref name="threatpost-hunt">{{Cite web |last=Zorz |first=Zeljka |date=2016-02-26 |title=Troy Hunt Explains Nissan Leaf Car Hack |url=https://threatpost.com/total-recall-troy-hunt-breaks-down-his-nissan-hack/116497/ |access-date=2026-03-25 |website=Threatpost}}</ref>
Hunt demonstrated the vulnerability by remotely activating the climate control on a colleague's car in the UK from his location in Australia. He had spent over a month attempting to notify Nissan before going public. Nissan took the app offline and didn't restore it for several months.<ref name="threatpost-hunt" />


==Products==
==Products==
Line 42: Line 47:


==See also==
==See also==
{{Ph-C-SA}}
 
* [[BMW]]
* [[Tesla]]
* [[Toyota]]


==References==
==References==
Retrieved from "https://consumerrights.wiki/w/Nissan"