
Why Multi-Factor Authentication is Not Enough
Knowing is half the battle, and the use and abuse of common frameworks shed insight into what defenders need to do to build defense in depth.
September 13, 2024 - Blog

Recent high-profile cyberattacks have put a spotlight on growing levels of cybersecurity risks in the automotive sector. The industry needs to quickly increase awareness of the current attack surface, often through the installed base of network assets, including machines and devices on plant floors.
Fortunately, every automotive manufacturer can take steps to close common cybersecurity gaps. And it’s much more cost-efficient to strengthen cyber resiliency up front than to allow high-priority, curable gaps to remain unresolved.
Here are four common installed-base vulnerabilities targeted by threat actors.
Over the last decade, automotive manufacturers opened communications protocols and allowed plant-floor data collection with an IIoT ecosystem of sensors and actuators. Data sharing from OT to IT has supported plant-floor efficiencies and cost reductions through detailed data analysis within enterprise systems.
However, the explosion of data-driven insights from increased connectivity across the OT/IT boundary has increased risk with the rise of sophisticated threat actors. Effective cybersecurity starts with knowing exactly what’s on networks to proactively secure what’s legitimate while removing and blocking what isn’t.
Without proper security, threat actors can breach the system with the potential of locking up controllers for ransom, controlling the physical actions of machines, altering recipe data, and even creating worker safety hazards.
Automotive manufacturers require a current understanding of all installed-base assets, with visibility into known and unknown vulnerabilities. A thorough risk assessment methodology applied within their OT environments will help them understand and mitigate the security vulnerabilities that come with increased data flow.
This risk assessment can flag poor practices such as a lack of incident-detection capabilities in industrial demilitarized zones (IDMZs), communication-protocol risks, or unsecured or unauthorized IIoT devices.
Weak patch management of the installed base is hugely problematic. According to cyber risk assessment company Black Kite, 71% of automotive companies score poorly on patch management.
From plant-floor PCs to programmable logic controllers (PLCs), devices running outdated versions of operating systems or software are highly susceptible to cyberattacks. Patches often address critical software security vulnerabilities. Not applying them on time carries high risk, making it relatively trivial for malicious actors to exploit outdated versions with known security flaws.
While insufficient patch management poses automotive cybersecurity risks, it’s also understandable in the context of production-critical plant-floor devices. In the IT world, it’s straightforward to establish a patching routine for servers and workstations, resulting in minimal business disruption.
On plant floors, patching means the potential for downtime on production machines that keep things ticking, and those responsible for OT environments are understandably opposed to any level of downtime. Risk increases when production environments operate with physical servers and haven't yet been migrated to virtual compute infrastructures with 24x7 monitoring and administration of OT data centers.
Addressing OT patch management calls for a structured strategy with a minimal production-disruption footprint. An asset inventory is critical: it provides an overview of every plant-floor device, the software versions running on it, and its unpatched vulnerabilities. Also useful is a cybersecurity advisor experienced in production operations, who can help avoid common pitfalls and balance effective security against production uptime.
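The inventory-driven patch-gap review described above, worked through as an added example (this code is not from the original post or any vendor product). It assumes a constructed asset inventory and a constructed advisory table with placeholder product names, advisory IDs and version numbers; the point it demonstrates is reconciling installed versions against fixed-in versions numerically (a lexical comparison would wrongly treat 2.8.4 as newer than 2.10.0) and ranking the result so line-critical devices are handled in a planned maintenance window rather than ad hoc.

```python
"""Patch-gap report over an OT asset inventory.

Added example. All inventory rows, product names, advisory IDs and versions
below are constructed placeholders, not real devices or advisories.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Asset:
    asset_id: str
    product: str       # vendor product/family name (placeholder values below)
    version: str       # installed firmware/software version, dotted numeric
    criticality: str   # "line-critical", "support" or "lab"
    zone: str          # network zone the device sits in


@dataclass(frozen=True)
class Advisory:
    advisory_id: str
    product: str
    fixed_in: str      # first version that contains the fix
    severity: str      # "critical", "high" or "medium"


def parse_version(v: str) -> tuple:
    """Turn '2.10.1' into (2, 10, 1) so comparison is numeric per component.
    Assumes dotted-numeric versions; vendor-specific suffixes are out of scope."""
    return tuple(int(part) for part in v.split("."))


def is_affected(asset: Asset, adv: Advisory) -> bool:
    """An asset is exposed when it runs the advisory's product below fixed_in."""
    return (asset.product == adv.product
            and parse_version(asset.version) < parse_version(adv.fixed_in))


def patch_gap(assets, advisories):
    """Every unpatched (asset, advisory) pair, most urgent first: line-critical
    devices with critical findings lead, ties broken by asset id."""
    sev_rank = {"critical": 0, "high": 1, "medium": 2}
    crit_rank = {"line-critical": 0, "support": 1, "lab": 2}
    gaps = [(a, adv) for a in assets for adv in advisories if is_affected(a, adv)]
    gaps.sort(key=lambda g: (crit_rank[g[0].criticality],
                             sev_rank[g[1].severity], g[0].asset_id))
    return gaps


def remediation_plan(asset: Asset, adv: Advisory) -> str:
    """Production-safe handling: line-critical devices wait for the next planned
    maintenance window and get isolation/monitoring as a compensating control
    meanwhile; everything else goes through the normal patch cycle."""
    if asset.criticality == "line-critical":
        return f"{asset.asset_id}/{adv.advisory_id}: next maintenance window; isolate and monitor until then"
    return f"{asset.asset_id}/{adv.advisory_id}: standard patch cycle"


# Constructed sample inventory and advisories (placeholders, not real products).
SAMPLE_ASSETS = [
    Asset("PLC-0301", "plc-family-x", "2.8.4", "line-critical", "cell-3"),
    Asset("PLC-0302", "plc-family-x", "3.0.0", "line-critical", "cell-3"),
    Asset("HMI-0107", "hmi-panel-y", "1.4.2", "support", "cell-1"),
    Asset("ENG-0010", "eng-workstation-os", "10.0.19045", "lab", "IDMZ"),
]
SAMPLE_ADVISORIES = [
    Advisory("ADV-PLACEHOLDER-1", "plc-family-x", "2.10.0", "critical"),
    Advisory("ADV-PLACEHOLDER-2", "hmi-panel-y", "1.5.0", "high"),
    Advisory("ADV-PLACEHOLDER-3", "eng-workstation-os", "10.0.19045", "medium"),
]


def report(assets=SAMPLE_ASSETS, advisories=SAMPLE_ADVISORIES):
    """Return the remediation lines for every gap found, in priority order."""
    return [remediation_plan(a, adv) for a, adv in patch_gap(assets, advisories)]


if __name__ == "__main__":
    for line in report():
        print(line)
```

Running it lists PLC-0301 first (line-critical, critical advisory, 2.8.4 is below 2.10.0) and HMI-0107 second; PLC-0302 and ENG-0010 are already at or above the fixed version and do not appear. In practice the inventory rows come from a discovery tool and the advisories from vendor feeds, but the reconciliation and prioritisation logic is the same.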
OT security knowledge gaps are another source of vulnerabilities, because you can’t protect what you don’t know.
For example, start-ups in the electric vehicle space might cover all the bases for IT cybersecurity to an extremely high degree, yet neglect OT vulnerabilities. Viruses, worms and weaknesses at the automation level may propagate through the network and pose threats to equipment. The most infamous example is Stuxnet, which targeted PLCs via Windows exploits.
Increasing OT security starts with tested and validated reference architectures such as Converged Plantwide Ethernet (CPwE), which provides a solid foundation for securing automotive plants. Assistance from experts in such architectures can help deploy firewalls and establish IDMZs to bolster plant-floor security.
Additionally, adopting cybersecurity solutions aligned with the five pillars of the NIST framework—identify, protect, detect, respond, and recover—can greatly mature both IT and OT cybersecurity.
In an automotive installed base context, credential compromises could result in malicious parties accessing plant floor computers and devices with default or weak username-password pairs. Shared passwords and remote access can introduce compromises where attackers gain control of machines or confidential data.
Zero Trust, an approach that hardens cybersecurity by removing excess or assumed trust from prioritized data, assets, applications, and services (DAAS), emphasizes strong identity and access controls as critical protection. Multifactor authentication, regular password changes, least-privilege access and other techniques can be used to grant access to authorized users, for authorized reasons, and at authorized times only.
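The "authorized users, for authorized reasons, at authorized times" rule above, expressed as a deny-by-default access decision for remote access to plant-floor devices. This is an added example, not code from the post or from any Zero Trust product; the account names, role-to-asset mapping, change-ticket list and access window are constructed policy data. Each check maps to one control the paragraph names: shared or default accounts are refused outright, MFA must have completed, the role must be scoped to the specific asset (least privilege), the session must cite an approved change or ticket (authorized reason), and the request must fall inside the permitted window (authorized time).

```python
"""Deny-by-default access decision for remote access to OT assets.

Added example. Accounts, roles, asset ids, ticket numbers and the access
window are constructed placeholders for illustration.
"""
from dataclasses import dataclass
from datetime import datetime, time


@dataclass(frozen=True)
class AccessRequest:
    user: str
    mfa_verified: bool   # set by the identity provider after a completed MFA step
    role: str
    asset_id: str
    purpose: str         # change/ticket reference tying the session to a reason
    at: datetime


# Constructed policy tables (assumptions, not a real site's configuration).
ROLE_ASSETS = {
    "controls-engineer": {"PLC-0301", "HMI-0107"},
    "vendor-support": {"HMI-0107"},          # vendor scoped to the HMI only
}
SHARED_ACCOUNTS = {"operator", "admin", "maintenance"}   # shared/default logins
REMOTE_WINDOW = (time(6, 0), time(22, 0))                # local plant hours


def evaluate(req: AccessRequest, approved_purposes) -> tuple[bool, str]:
    """Return (granted, reason). Every path that is not an explicit pass denies,
    and the reason string is what gets written to the access log."""
    if req.user in SHARED_ACCOUNTS:
        return False, "shared or default account"
    if not req.mfa_verified:
        return False, "MFA not completed"
    if req.asset_id not in ROLE_ASSETS.get(req.role, set()):
        return False, "role not authorized for asset"
    if req.purpose not in approved_purposes:
        return False, "no approved change or ticket"
    if not (REMOTE_WINDOW[0] <= req.at.time() <= REMOTE_WINDOW[1]):
        return False, "outside authorized window"
    return True, "granted"


def audit_line(req: AccessRequest, decision: tuple[bool, str]) -> str:
    """One log line per decision so denials are visible to the SOC, not silent."""
    granted, reason = decision
    return (f"{req.at.isoformat()} user={req.user} role={req.role} "
            f"asset={req.asset_id} purpose={req.purpose} "
            f"result={'ALLOW' if granted else 'DENY'} reason={reason}")


# Constructed sample requests covering the happy path and each denial reason.
APPROVED = {"CHG-1001"}
SAMPLES = [
    AccessRequest("a.smith", True, "controls-engineer", "PLC-0301", "CHG-1001",
                  datetime(2024, 9, 13, 10, 0)),
    AccessRequest("admin", True, "controls-engineer", "PLC-0301", "CHG-1001",
                  datetime(2024, 9, 13, 10, 0)),
    AccessRequest("a.smith", False, "controls-engineer", "PLC-0301", "CHG-1001",
                  datetime(2024, 9, 13, 10, 0)),
    AccessRequest("v.jones", True, "vendor-support", "PLC-0301", "CHG-1001",
                  datetime(2024, 9, 13, 10, 0)),
    AccessRequest("a.smith", True, "controls-engineer", "PLC-0301", "none",
                  datetime(2024, 9, 13, 10, 0)),
    AccessRequest("a.smith", True, "controls-engineer", "PLC-0301", "CHG-1001",
                  datetime(2024, 9, 13, 23, 30)),
]


def decisions(requests=SAMPLES, approved=APPROVED):
    """Evaluate each request and return its (granted, reason) pair."""
    return [evaluate(r, approved) for r in requests]


if __name__ == "__main__":
    for r in SAMPLES:
        print(audit_line(r, evaluate(r, APPROVED)))
```

Only the first sample is granted; each of the others fails exactly one check and the reason tells you which. The order of checks is deliberate: identity hygiene (no shared accounts, MFA) is settled before any authorization question, so a compromised shared login never reaches the role or time checks.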
In a sector where uptime, safety, and supply chain continuity are inseparable from cybersecurity, automotive manufacturers can’t afford to treat OT risk as a secondary issue. The installed base—controllers, plant-floor PCs, IIoT devices, engineering workstations, network gear, and the OT/IT boundary—has become one of the most attractive and exploitable attack surfaces in the industry. Threat actors know that a single weak point can unlock lateral movement, enable ransomware, disrupt production, and create cascading operational and reputational damage that lasts far beyond the initial incident.
The path forward is clear: build visibility, reduce preventable exposure, and validate defenses continuously. By strengthening OT/ICS asset governance, implementing production-safe patch strategies, closing OT security knowledge gaps with proven architectures, and hardening identity controls through Zero Trust principles, manufacturers can materially reduce both cyber and physical risk. Most importantly, proactive resilience is almost always cheaper than reactive recovery—because fixing high-priority, solvable gaps today prevents the shutdowns, safety hazards, and downstream disruptions that become tomorrow’s headlines.