Headline
CVE-2022-34150
The main MiCODUS MV720 GPS tracker web server has an authenticated insecure direct object reference vulnerability on endpoint and parameter device IDs, which accept arbitrary device IDs without further verification.
Related news
By Deeba Ahmed The MV720 GPS tracker is manufactured by a China-based company MiCODUS which was informed about the flaws back… This is a post from HackRead.com Read the original post: Critical Vulnerability in Popular GPS Tracker Lets Hackers Remotely Control Vehicles
Researchers have discovered six vulnerabilities in the MiCODUS MV720 GPS tracker, a popular automotive tracking device. The post Vulnerabilities in GPS tracker could have “life-threatening” implications appeared first on Malwarebytes Labs.
Broader architectural failings of Chinese vendor potentially puts 1.5m devices at risk
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of a handful of unpatched security vulnerabilities in MiCODUS MV720 Global Positioning System (GPS) trackers outfitted in over 1.5 million vehicles that could lead to remote disruption of critical operations. "Successful exploitation of these vulnerabilities may allow a remote actor to exploit access and gain control of
A GPS device from MiCODUS has six security bugs that could allow attackers to monitor 1.5 million vehicles that use the tracker, or even remotely disable vehicles.