The US government wants ban chinese cars outright out of fears that they could be remotely controlled by bad actors and become a security threat. But a new group of researchers warns that thousands of Mazda cars already on the road in America, Europe and elsewhere are vulnerable to attack.

Technology experts from Trend Micro’s Zero Day Initiative – zero day which refers to how long companies have to fix a defect – looked at Mazda Connect Infotainment system fitted to cars like the 2014-21 Mazda 3 and found that attackers could use its security weaknesses to potentially interfere with a car’s safety systems.

Related: The Porsche 718 Cayman and Boxster have been removed in the EU due to new cyber security rules

Of course the risk of a swarm of Mazda becoming self-aware and cutting off pedestrians and crashing into gas stations and shopping malls is almost nil. The cars don’t have self-driving capabilities, and report author Dmitri Janushkevich says the malicious code would need to be introduced via a USB port rather than an OTA update.

But your car is still at risk of compromise if you regularly use valet parking at hotels, restaurants and airports, or have your car detailed or repaired. ZDI claims it could take just a few minutes to upload malware through the USB port, allowing tech bad guys to crash the car or infect passenger devices subsequently connected to the port. Access to the car’s safety systems is also possible, although ZDI has not gone so far as to investigate what safety-critical functions could be altered or controlled.

CyberInsider says Mazda has yet to release a patch for the security flaws and suggests that until the automaker finds a solution, owners should avoid connecting unknown USB devices to the infotainment system and limit third-party access to the vehicle. If you’re talking geek and want a full breakdown of ZDI’s analysis, check out the original report Here.

Several car models have already been withdrawn from sale in Europe this summer because they do not meet new EU cyber security rules, including the Porsche 718. Boxster and the combustion-powered Cayman and Fiat 500.