A team says it's found ways to hack cars to disable the brakes or lock people inside.
The researchers from the University of Washington and the University of California say they've also been able to kill the engine, change the speedometer reading or lock the car's brakes unevenly to make steering impossible.
The researchers carried out the hack via a diaagnostic computer system known as the Controller Area Network, which has been mandatory in all new cars since 2008. They developed software to access the CAN data and then alter it.
They don't give away which car they used, as they say the method could have been applied to many different models.
"Over a range of experiments, both in the lab and in road tests, we demonstrate the ability to adversarially control a wide rangeof automotive functions and completely ignore driver input — including disabling the brakes, selectively braking individual wheels on demand, stopping the engine, and so on," they say in their paper.
"We find that it is possible to bypass rudimentary network security protections within the car, such as maliciously bridging between our car’s two internal subnets."
In the real world, they say, such attacks are unlikely, as it would mean actually attaching a computer to the target car. But as cars depend more and more on computer systems and wireless capabilities are introduced, it could be a cause for concern in the future.