Shifting Gears: VicOne 2025 Automotive Cybersecurity Report

A total of 215 automotive cybersecurity incidents were recorded in 2024, indicating a consistent threat throughout the year.

The total count of automotive-related vulnerabilities (“CVEs”) published in 2024 reached 530, representing another annual gain and nearly twice as many as the 2019 count.

More than 77 percent of automotive vulnerabilities were found on onboard or in-vehicle systems in 2024.

At Pwn2Own Automotive 2025, 49 unique zero-day vulnerabilities were discovered across primarily in-vehicle infotainment (IVI) and EV-charging systems. This event took place between January 22-24, 2025, in Tokyo and involved top-tier security researchers from 13 countries.

A ransomware attack on a dealership software provider in June 2024 disrupted operations at more than 15,000 North American dealerships