As connected and autonomous vehicle technology advances, in-vehicle communication networks have become increasingly exposed to cybersecurity threats due to their connectivity with external environments. In response, international regulations and standards, such as the UNR.155 and ISO/SAE 21434, have been reinforced, underscoring the need for systematic and rigorous security evaluations. However, cybersecurity experiments on public roads pose significant safety challenges, whereas legacy testbeds and software-only simulations often fail to capture the dynamic behavior of actual vehicles. This study proposes a vehicle-in-the-loop simulation (VILS)-based framework to address these limitations, enabling real-time integration between physical vehicles and virtual driving environments. By synchronizing control inputs and state feedback, the framework allows for safe, repeatable testing of diverse cyberattack scenarios under realistic conditions. The experimental results reveal that VILS captures physical responses and network-level anomalies across attack types, supporting comprehensive quantitative and qualitative assessments. The framework demonstrates high consistency and analytical precision across repeated trials. These results validate VILS as a practical and robust alternative for improving the accuracy and reliability of real-vehicle cybersecurity evaluations.