Add gas stations to the long list of mainstays no longer considered secure, joining hospitals, cars and televisions, to name a few.

Kaspersky Lab released research on gas station vulnerabilities last month, pointing out more than 1,000 gas stations from the US to India open to cyberattacks. These issues stem from gas station pumps connected online with default passwords that owners couldn't change and controls that give an attacker complete access to the machine.

On Friday, Kaspersky Lab senior security researcher Ido Naor and Israeli security researcher Amihai Neiderman presented their full breakdown of the issues with gas station security, during Kaspersky's Security Analyst Summit in Cancun, Mexico.   

Their research showed that an attacker can change gas prices, steal credit card information logged on the pumps, get license plate numbers, steal gas, adjust temperature monitors and more.

"When we have root access, we can do anything we want," Neiderman said.

The attackers don't even need to be anywhere near your local gas station, Naor said. They can do it all remotely because these gas stations are connected online with a weak password, he said.

The online software comes from Orpak Systems, a fuel management company acquired by North Carolina-based Gilbarco Veeder-Root last May. According to Orpak, its software is installed in more than 35,000 gas stations around the world. Orpak put its guides online, showing the gas station technology's technical details, including passwords and screenshots of how to access its interface.

The companies didn't respond to a request for comment. 

The guides and the gas stations were originally online for convenience's sake but have ended up creating a major security issue. Several of the guides have since been removed, but we were able to independently find them through a quick Google search.

The vulnerabilities highlight the issues behind internet of things devices, which have been widely criticized for lack of security. Hackers have been able to launch massive cyberattacks because of unsecured webcams and DVRs connected online. But with a gas station, the risks for a dangerous attack are much higher, Naor said.

In an extreme scenario, a hacker could adjust the pressure and temperatures in the tank, potentially causing an explosion, he said.

"You would have no idea that your little gas station could be remotely shut down, and your entire fleet is now grounded," Naor said.

Naor and Neiderman said they contacted the vendors in 2017, but were mostly ignored. It's likely that these vulnerabilities are still out there, Neiderman said. The machines are out of date, sometimes more than a decade old, and so is the software, he added.

"When we looked at the code, it doesn't appear that they have any real updating mechanisms," Neiderman said. "Pretty early on when we started talking to them, they ghosted us."

The Smartest Stuff: Innovators are thinking up new ways to make you, and the things around you, smarter.

Blockchain Decoded:  CNET looks at the tech powering bitcoin -- and soon, too, a myriad of services that will change your life.