Six vulnerabilities in the MiCODUS MV720 GPS tracker that’s used by organizations around the world to manage and protect vehicle fleets could be exploited by attackers to remotely cut fuel to or abruptly stop vehicles. “Attackers could choose to surreptitiously track individuals or demand ransom payments to return disabled vehicles to working condition,” BitSight researchers noted, and added that “there are many possible scenarios which could result in loss of life, property damage, privacy intrusions, and threaten national security.” The vulnerabilities The MiCODUS MV720 is a hardwired GPS tracker through which fleet owners can track vehicles (especially when they are stolen), cut off fuel to them, geofence them so they can’t be driven outside specific areas, and generally have remote control over the vehicles.

Read full article on Help Net Security