📣 Send us your press release
Site updates every 15 minutes
Technology

Remote EV Shutdowns Expose Security Flaws in India's Connected Vehicle Systems

Unauthorised users have been able to remotely disable electric vehicles by accessing Battery Management Systems (BMS) via common mobile applications. The incidents have raised concerns about the security of connected electric vehicle (EV) systems in India.

4 July 2026
Remote EV Shutdowns Expose Security Flaws in India's Connected Vehicle Systems

Security vulnerabilities in electric vehicle (EV) Battery Management Systems (BMS) have surfaced in India after social media users widely shared videos depicting remote disabling of vehicles. These incidents have disrupted transport operations and sparked concerns over the security of connected EV systems.

The affected BMS units communicate through widely used mobile applications, including BAT BMS, Lossigy, and Epoch Li-ion, many of which are of Chinese origin. These apps connect to the BMS via Bluetooth, and while intended for battery health monitoring, weak access controls or default settings have allowed individuals within Bluetooth range to gain access and potentially disable vehicles. This highlights India's reliance on imported firmware for EV components.

Experts suggest the issue lies not with the apps themselves, but with manufacturers of budget EVs failing to implement adequate access controls on their BMS. This has led to vehicles from manufacturers such as Yatri, Mayuri, Vande Bharat, and City Life being affected. These companies have not responded to queries regarding the incidents.

The Indian government has requested Google and Apple to remove several of these apps from their respective stores. However, experts caution that this is not a complete solution and may hinder legitimate users, like drivers, from monitoring battery health or regaining control of their vehicles. A broader solution would necessitate the implementation of certification standards and security requirements for BMS units sold in the Indian EV market.

This episode has also exposed gaps in India's vehicle cybersecurity framework. While the country has upcoming mandates for vehicle cybersecurity management systems, oversight of third-party hardware and embedded software requires further attention, especially given the prevalence of imported components.

Original source: inc42.com