Arizona authorized digital license plates in 2019. Photo by Jim Small | Arizona Mirror
Security researchers have uncovered an exploit that allows a person to hack the digital license plates that Arizona allows drivers to use, creating an avenue for bad actors to change the license plate number.
First reported by Wired, security researchers with IOActive were able to jailbreak a digital license plate and display whatever message or image they wanted on the device. Jailbreaking is the act of removing restrictions on a smart device to allow the installation of unauthorized software.
The license plates are made by a company called Reviver, the leading manufacturer of digital plates in the United States. Security researcher Josep Rodriguez was able to remove a sticker on the back of the plate and attach a cable allowing him to change the plate’s firmware. Rodriguez was then able to use Bluetooth commands to change the display to what he wanted.
GET THE MORNING HEADLINES.
The security researcher pointed out to Wired that this vulnerability could allow drivers with digital plates to evade tolls, speeding tickets and more by changing their plate. Alternatively, someone could hack an unsuspecting person’s plate and display images that could get them in trouble with law enforcement, like the plate of a stolen vehicle.
Digital license plates have been promoted as a way to help with crime by allowing a vehicle owner to display on their plate via their smartphone that their vehicle is stolen. In a statement to the Arizona Mirror, Reviver said the Wired article “omitted key details” to create “a sensational and misleading narrative,” and that the company is working with “all partners.”
“Unfortunately, efforts to manipulate license plates are not new,” Reviver said in its statement. “Objectively, manipulating standard metal plates is far easier than tampering with Reviver’s digital plates, which are designed with multiple layers of protection.”
Reviver admitted that “skilled practitioners can theoretically jailbreak any electronic device.” But said doing so is illegal, and the company said that customers would be alerted if their plate is detached and called IOActive’s scenario “highly unlikely” to occur in real world situations.
The Arizona Department of Transportation Motor Vehicles Division has issued 1,634 digital plates as of Dec. 31, 2024, according to ADOT spokesman Bill Lamoreaux. There are more than 8 million registered vehicles in the state.
“ADOT MVD is aware and talking with the company on this matter and will monitor the plate redesign process,” Lamoreaux told the Mirror. “Anyone suspecting fraudulent activity concerning their vehicle title and registration, driver license or identification card is encouraged to report it through the ADOT Fraud Hotline.”
A spokesman for Arizona Department of Public Safety deferred to ADOT’s statement, and neither agency answered questions about whether they have received any reports of digital license plates in Arizona being hacked.
This is not the first time security researchers have found vulnerabilities with Reviver.
In 2022, security researcher Sam Curry discovered an exploit on Reviver’s website that allowed him access as an administrator to their backend database, giving him access to track or change license plates. Reviver subsequently patched the exploit that Curry publicized.
In speaking with Wired, Rodriguez also pushed back against Reviver’s statements that only a skilled professional could jailbreak their license plate. He pointed out that drivers could likely buy already jailbroken plates online, much like other electronics that are readily available jailbroken online for purchase, or easily do it themselves.
IOActive said they repeatedly tried to inform Reviver of the issue for over a year and it was not until Wired reached out to Reviver that the company responded.
YOU MAKE OUR WORK POSSIBLE.