Popular vehicle GPS tracker MiCODUS MV720, which is being used in 1.5 million vehicles across 169 countries, has been impacted by six security vulnerabilities, which could be exploited for remote vehicle tracking and control, according to ZDNet
BitSight researchers noted that threat actors could leverage the security flaws not only to disturb emergency vehicles and supply chains
but also to facilitate illegal monitoring of various individuals, with such GPS trackers being used by a U.S. state, several companies in the Fortune 50, a South American military, a nuclear powerplant operator, and a Western European government and law enforcement agency, as well as a bank and state-owned transportation system in Ukraine.
"The vulnerabilities can directly impact our physical world, potentially resulting in disastrous consequences for individuals and organizations if not addressed. Understanding how IoT and other technologies can increase the potential to disrupt business continuity, damage a firm's reputation, and threaten human safety should be considered essential," said BitSight CEO Stephen Harvey.