Connected cars are now full-fledged computers, and their security depends on the operating systems beneath the dashboard. This article uses a new Android-powered vehicle to explain why patching, lifecycle visibility, and vendor accountability matter everywhere.
Is My New Car a Rolling Security Risk?
I just bought a new car. Beautiful machine. Quiet, quick, and packed with the kind of connectivity that would have sounded like science fiction when I got my license. Built-in Wi-Fi hotspot, over-the-air updates, advanced driver assistance, and an infotainment system that finally feels like it belongs in this decade. The manufacturer made an interesting bet. They walked away from a Linux-based in-vehicle system and rebuilt the whole thing on Android.
I get the appeal. Android Automotive OS gives carmakers a mature platform, a familiar developer ecosystem, and a path to Google services without forcing a phone-tethered experience like Android Auto. The problem, the thing I cannot stop thinking about as someone who spends his days advising customers on security, is the version number on the badge.
My car shipped with Android 12.
As I write this, Android 16 is the current release. Android 12 launched in October 2021. That makes the OS underneath my brand-new vehicle roughly four and a half years old on day one. For context, most modern smartphones have already aged out of Android 12 support. Google itself stopped providing public security bulletins for the Android 12 baseline in 2024. The Play Store is in the process of deprecating apps that do not target newer API levels. And yet here I am, driving a 2026 vehicle running an OS that my phone manufacturer would tell me to replace.
So, is my car a security risk?
The honest answer is probably yes, in ways that are hard to quantify, and the risk profile is different from what most people assume.
Key Takeaway
A connected car can be a security risk, but the most realistic concern is not someone remotely driving it off the road. The bigger risk is outdated software exposing personal data, location history, app sessions, microphones, cameras, or connected devices.
Why Automotive Android Lags Behind
Carmakers do not ship stock Android. They take a Google-provided base, in this case AAOS 12, and fork it heavily. They add their own HMI, integrate with the vehicle’s CAN bus and ECUs through a Vehicle Hardware Abstraction Layer, sign their own builds, and put the result through years of safety validation, regulatory testing, and supplier qualification before a single car rolls off the line. That process is fundamentally incompatible with the monthly cadence Google uses for mobile Android.
The result is a structural lag. The Android 12 in my dashboard was probably forked sometime in 2022 or 2023, hardened, validated, and shipped in 2025 or 2026. The manufacturer almost certainly backports critical security patches into their fork, but “almost certainly” and “every CVE that matters, on time” are not the same statement.
What Is Actually Exposed in a Connected Car?
The attack surface on a modern connected car is genuinely large, and the infotainment system sits at the center of it. The cellular modem and Wi-Fi hotspot present an always-on, internet-facing surface. Bluetooth and Wi-Fi Direct handle phone pairing and projection. USB ports have historically been a fruitful path for researchers. The companion mobile app authenticates against cloud services and can issue commands to the car. The OTA update channel is both a defense and, if compromised, a devastating offense. Third-party apps arrive through an automotive flavored Play Store. And behind all of that sits the vehicle network itself, including CAN, CAN-FD, and automotive Ethernet.
The Infotainment System Should Be Isolated
The reassuring news is that responsible OEMs design the infotainment system as an untrusted zone. There is typically a gateway ECU between the IVI and the safety-critical buses that control steering, braking, and acceleration. A compromise of the head unit should not directly translate to a compromise of the powertrain. The 2015 Jeep Cherokee hack, the one that got Chrysler to recall 1.4 million vehicles, worked precisely because that isolation was inadequate. The industry learned. Mostly.
The Realistic Risk Is Data Exposure
But “should not directly translate” is doing a lot of work in that sentence. Even if an attacker cannot make my car brake on the highway, an Android 12 IVI compromise could plausibly enable exfiltration of contacts, call logs, messages, and location history synced from my phone. It could open up microphone and cabin camera access, persistent surveillance through the always-on cellular link, credential theft from the OEM companion app session (which often can unlock doors or start the car remotely), lateral movement into the Wi-Fi hotspot and any device connected to it, and a quiet foothold to probe the gateway ECU at leisure. That is a meaningful threat model even with strict network segmentation.
Why Android 12 in a New Car Matters
Several things about running Android 12 in 2026 make me uncomfortable. Mainline security patches have wound down, so new CVEs disclosed against the Android 12 baseline depend on the OEM to backport, assuming they notice and prioritize. Modern hardening is also missing. Improvements in scoped storage, photo picker isolation, runtime permission controls, memory tagging, and Private Compute Core landed in 13, 14, 15, and 16. My car gets none of them.
App Support May Become a Problem
Play Store apps are aging out too. Google requires apps to target recent API levels to remain installable and updateable, so over the next 12 to 24 months the catalog of apps that can be freshly installed on an Android 12 head unit will shrink. Existing apps will keep running, but security fixes in those apps may stop arriving.
The Support Timeline Is Too Opaque
And finally, the support horizon is opaque. I do not know how many years of security updates my OEM has committed to. Most do not publish that number the way Google and Samsung now do for phones.
The Real Lesson: Every Device Needs Patching
I am not selling the car. Almost every connected vehicle on the road today has a similar story. Mine just happens to wear its version number on its sleeve.
But this whole exercise reinforces something I tell customers constantly, and it has nothing to do with cars specifically. Keep your underlying operating system up to date. Always. On every device you own.
Everything Is a Computer Now
That phone in your pocket, the laptop on your desk, the tablet your kids use for homework, the smart TV in the living room, the router in the closet, the NAS in the basement, and yes, the car in your driveway. Every one of them is a computer, and every one of them is only as safe as the OS it runs on. Apps and antivirus and firewalls and good passwords all matter, but none of them save you when the kernel underneath has known, unpatched holes.
Cars Make the Patch Problem Harder
The reason this matters more for cars is that we keep them for a decade, we cannot side-load a newer OS on them, and we have very little visibility into the vendor’s patching commitment. So when you buy your next vehicle, ask the dealer the same question you should be asking about every device you bring home. How long will this thing receive security updates, and how do I verify they are being applied?
If they cannot answer, that tells you something. If they can answer, hold them to it. Apply the OTA the day it lands. Reboot the laptop when Windows or macOS asks. Update the phone the night the patch drops. Replace the router when the vendor stops shipping firmware.
My car is probably not going to be hacked tomorrow. But “probably not” is a strange thing to say about any computer you own, on wheels or otherwise. Patch everything. Patch often. The version number on the badge is the one that matters most.
Can I Manage My Car Like an Endpoint?
Which raises the obvious follow-up question for those of us who do this for a living. Can I just enroll the thing in Intune and manage it myself? Push a compliance policy, force the security patch level, block sideloaded APKs, maybe wipe it remotely if someone steals it from the parking garage? I am only half joking.
If my car is going to be an Android device for the next ten years, I would quite like to treat it like one. Conditional Access for the carpool lane. A compliance grace period before it lets me start the engine.
Honestly, sign me up.
Secure Every Endpoint
From laptops to unmanaged devices, eGroup helps organizations improve visibility, patching, identity controls, and endpoint security across the modern IT environment.
