Home/Recalls/NHTSA-24E077000
NHTSAEQUIPMENT

IOSiX - Software Security Vulnerability in IO-1020 Dongle

Published: September 18, 2024Recall ID: 24E077000Category: vehiclesCountry: US

Reason for Recall / Hazard

Exploitation of the software vulnerability may result in an engine stall, increasing the risk of a crash.

Product Description & Identification

IOSiX is recalling certain 2017-2024 IO-1020 micro device dongles. A software vulnerability may allow third-party firmware to be uploaded to the dongle or access to the primary vehicle databus.

Affected Products

Software Security Vulnerability in IO-1020 Dongle

Additional Source Details

FieldValue
SubjectSoftware Security Vulnerability in IO-1020 Dongle
Nhtsa id24E077000
ComponentEQUIPMENT
Recall link › Urlhttps://www.nhtsa.gov/recalls?nhtsaId=24E077000
Recall link › DescriptionGo to Recall
Recall typeEquipment
Do not driveNo
ManufacturerIOSiX
Defect summaryIOSiX is recalling certain 2017-2024 IO-1020 micro device dongles. A software vulnerability may allow third-party firmware to be uploaded to the dongle or access to the primary vehicle databus.
Completion rate40.57
Corrective actionIOSiX has released an over-the-air (OTA) software update, free of charge. Owner notification letters were mailed November 15, 2024. Owners may contact IOSiX customer service at 1-855-623-1939.
Consequence summaryExploitation of the software vulnerability may result in an engine stall, increasing the risk of a crash.
Mfr campaign numberNR (Not Reported)
Potentially affected140000
Report received date2024-09-18T00:00:00.000
Fire risk when parkedNo

Overview

  • Recalling FirmIOSiX
  • Risk LevelEQUIPMENT
Official Agency Alert