Security News > 2022 > July > Vulnerabilities in popular GPS tracker could allow hackers to remotely stop cars

Six vulnerabilities in the MiCODUS MV720 GPS tracker that's used by organizations around the world to manage and protect vehicle fleets could be exploited by attackers to remotely cut fuel to or abruptly stop vehicles.

The MiCODUS MV720 is a hardwired GPS tracker through which fleet owners can track vehicles, cut off fuel to them, geofence them so they can't be driven outside specific areas, and generally have remote control over the vehicles.

The researchers found authentication vulnerabilities that may allow attackers to send SMS commands to a vulnerable GPS tracker and may result in those commands being executed.

"Most North American organizations using MiCODUS devices are in the manufacturing sector, while those in South America tend to be government institutions. MiCODUS users in Europe belong to a more diverse group of sectors, ranging from finance to energy. Authorities around the globe should consider these geographic differences in sector usage to better understand the potential ramifications of an attack exploiting vulnerabilities in MiCODUS devices."

Individuals around the world also often use MiCODUS GPS trackers it as an anti-theft device.

"Organizations using any MiCODUS GPS tracker, regardless of the model, should be alerted to insecurity regarding its system architecture, which may place any device at risk," BitSight researchers pointed out.

News URL

https://www.helpnetsecurity.com/2022/07/20/vulnerabilities-gps-tracker/