At the Hardware.io 2025 Information Security Conference, security researcher Danilo Erazo unveiled a litany of security vulnerabilities in the Kia MOTREX MTXNC10AB in-vehicle system, impacting select models manufactured between 2022 and 2025. Malicious actors can capitalize on the CVE-2020-8539 vulnerability to invoke the "micomd" daemon within the system, inject unauthorized commands, and exert control over various vehicle functions. Furthermore, they can fabricate CAN bus data frames, directing them towards the in-vehicle multimedia control bus, thereby disrupting or manipulating the vehicle's electronic systems. Additionally, the system lacks robust digital signature verification when processing PNG files, paving the way for hackers to infiltrate malicious user interface elements via USB, Bluetooth, or Over-The-Air (OTA) wireless updates. Furthermore, the Bootloader's integrity verification mechanism is flawed, relying solely on a 1-byte Cyclic Redundancy Check (CRC) for firmware integrity, which is inadequate for detecting firmware tampering. Most alarmingly, the RTOS firmware's serial port logs store sensitive information such as RSA private keys and Bluetooth pairing PIN codes in plaintext, significantly elevating the risk of data breaches.