奇安信代码卫士
Intelligent Connected Vehicle Cloud Platform Vulnerability Analysis Report
奇安信 · 2026-01-21 01:55
Investment Rating

- The report indicates a critical investment rating for the smart connected vehicle cloud platform industry due to the high vulnerability detection rates and significant security risks identified [5][10].

Core Insights

- The analysis conducted by Qihoo 360's Code Security Laboratory on 30 automotive manufacturers revealed that 93.3% of the cloud platforms had vulnerabilities, with a total of 207 vulnerabilities identified, including 66 critical and high-risk vulnerabilities, accounting for 31.9% [5][10].
- The report highlights that over 70% of the automotive manufacturers' cloud platforms have critical/high-risk vulnerabilities that pose severe threats to vehicle security, including unauthorized vehicle unlocking and sensitive information leakage [11][12].
- A significant portion of vulnerabilities (65.2%) stem from basic errors such as lack of identity verification and interface authentication, indicating a low overall security level in the industry [14].
- The report emphasizes the complexity and severity of vulnerability risks, with over 70% of platforms having identity authentication and access control vulnerabilities, and half exhibiting excessive data exposure vulnerabilities [5][31].

Summary by Sections

Overall Vulnerability Status Analysis

- Among the 30 automotive manufacturers analyzed, 28 platforms were found to have vulnerabilities, with a detection rate of 93.3% and a total of 207 vulnerabilities identified [10].
- 76.7% of the platforms had critical or high-risk vulnerabilities, which could lead to severe consequences such as remote unlocking of vehicles and unauthorized driving [11][12].

Major Vulnerability Types Analysis

- 60% of the platforms exhibited broken access control vulnerabilities, while 50% had excessive data exposure vulnerabilities [16].
- 73.3% of the platforms were affected by both broken access control and authentication failures, indicating systemic issues in security management processes [17][18].

Major Vulnerability Hazard Analysis

- 73.3% of the platforms experienced sensitive information leakage due to various vulnerabilities, including excessive data exposure and broken access control [45].
- 66.7% of the manufacturers' vehicles could be unlocked without authorization, directly threatening vehicle property security [47].
- 40% of the platforms had vulnerabilities that allowed unauthorized operations through account impersonation, leading to potential financial losses for users [49][50].

Summary and Recommendations

- The report concludes that the network information security of smart connected vehicles is a complex systemic issue, with many foundational vulnerabilities indicating a lack of comprehensive security management [51].
- Recommendations include elevating security responsibility to the strategic level, integrating security into the product development lifecycle, and enhancing collaboration between vehicle and cloud security teams [52][56].