Software Security Vulnerability in IO-1020 Dongle
Recall Information
| Manufacturer | IOSiX |
|---|---|
| NHTSA ID | 24E077000 |
| Report Received Date | 9/18/2024 |
| Component | EQUIPMENT |
| Vehicles Affected | 140,000 |
| Completion Rate | 33.66% |
| Recall Category | Equipment |
| Software Recall | Yes |
| OTA Update | Yes |
Description
IOSiX is recalling certain 2017-2024 IO-1020 micro device dongles. A software vulnerability may allow third-party firmware to be uploaded to the dongle or access to the primary vehicle databus.
Issue
Exploitation of the software vulnerability may result in an engine stall, increasing the risk of a crash.
Consequence Summary
Exploitation of the software vulnerability may result in an engine stall, increasing the risk of a crash.
Corrective Action
IOSiX has released an over-the-air (OTA) software update, free of charge. Owner notification letters were mailed November 15, 2024. Owners may contact IOSiX customer service at 1-855-623-1939.
