diff --git a/src/Controller/APIController.php b/src/Controller/APIController.php
index 1d13ad47..15059510 100644
--- a/src/Controller/APIController.php
+++ b/src/Controller/APIController.php
@@ -3191,8 +3191,8 @@ class APIController extends Controller implements LoggedController
         {
             $warr->setCustomer($customer);
             // get customer vehicles
-            $vehicle = $this->findCustomerVehicle($customer, $req->request->get('plate_number'));
-
+            
+            $vehicle = $this->findCustomerVehicle($em, $customer, $req->request->get('plate_number'));
             if ($vehicle != null)
                 $warr->setVehicle($vehicle);
         }
@@ -3270,20 +3270,23 @@ class APIController extends Controller implements LoggedController
         return $cust;
     }
 
-    protected function findCustomerVehicle($customer, $plate_number)
+    protected function findCustomerVehicle($em, $customer, $plate_number)
     {
        $clean_plate = Warranty::cleanPlateNumber($plate_number); 
        if ($clean_plate)
        {
            // find the customer vehicle and get the vehicle
-           $cust_vehicles = $customer->getVehicles();
-           foreach ($cust_vehicles as $cv)
+           $cv = $em->getRepository(CustomerVehicle::class)->findOneBy(['plate_number' => $clean_plate]);
+           if ($cv != null)
            {
-               if ($cv->getPlateNumber() == $clean_plate)
+               // confirm that customer vehicle found does belong to customer
+               if ($cv->getCustomer() == $customer)
                {
                    $vehicle = $cv->getVehicle();
                    return $vehicle;
                }
+               else
+                   return null;
            }
        }