Electric Motorcycles and Scooters Face Hacking Risks to Security and Rider Safety

Key Points:

• Vulnerabilities in electric motorcycles from Zero Motorcycles (CVE-2026-1354) and scooters from Yadea (CVE-2025-70994) pose significant security risks, potentially allowing unauthorized access and control over critical vehicle functions.
• The Zero Motorcycles vulnerability enables attackers to upload malicious firmware via Bluetooth, jeopardizing safety features such as braking and throttle response. The Yadea T5 scooter vulnerability allows attackers to intercept key fob commands, facilitating theft.
• Users are advised to ensure secure pairing of their motorcycles and scooters in isolated locations and remain vigilant until patches are released by the vendors.

Technical Details: CVE-2026-1354 affects Zero Motorcycles firmware version 44 and earlier, allowing attackers within Bluetooth range to upload malicious firmware. CVE-2025-70994 involves weak authentication in Yadea T5 scooters, enabling command interception for unauthorized access.

MITRE ATT&CK Techniques:

• None mentioned

IOCs Mentioned:

• CVE-2026-1354
• CVE-2025-70994