Reviver’s digital license plates have been found to contain a significant vulnerability, allowing unauthorized tampering and manipulation. Esteemed security researcher Josep Rodriguez from IOActive uncovered this flaw, which makes it surprisingly easy for individuals to alter the plate numbers using Bluetooth technology.
The vulnerability affects a substantial number of digital plates sold nationwide, around 65,000 in total. Rodriguez demonstrated how one could physically intervene with the plate’s hardware to completely override the digital display, bypassing the company’s security systems. By simply peeling away a protective sticker to access the internal components, the display becomes manipulable through a Bluetooth-enabled smartphone app, enabling the user to change the displayed numbers at will.
This issue presents serious consequences for law enforcement and automated traffic systems. With modified plates, individuals could potentially evade speed cameras, skirt tolls, sidestep parking enforcement, mislead police plate readers, and escape traffic surveillance. Moreover, by emulating valid license numbers from other vehicles, there’s also a risk of wrongly attributing traffic offenses to unsuspecting drivers.
In response to these revelations, Reviver has acknowledged the tampering as illegal and emphasized that the process requires specialized tools and substantial expertise. However, Rodriguez counters that the task can be simplified significantly with a specific tool he created.
Since the vulnerability is rooted in the hardware, it cannot be resolved with a mere software update. To address the issue, Reviver would need to replace the internal chips in every affected license plate unit. The company has indicated efforts are underway to redesign future models to thwart similar hacking attempts.
This is not Reviver’s first encounter with security issues. In 2022, another researcher identified flaws within the company’s web systems. Those issues were promptly patched with software updates, yet the current challenge, deeply embedded in the hardware, presents a more complex problem requiring comprehensive solutions.
