Wednesday , May 25 2022

Simple vulnerability in a car alarm threatens to kidnap 3 million cars in the world


Experts in Cyber-security found a dangerous, Testing Test Test company, although unfortunately, it was a key car system alarm of two major global companies – the Russian Pandora and the American Viper (in England – Clifford). The vulnerability disclosed in the alarm system's system of work placed on the cars allowed the researchers to have remote access to the vehicle and data systems that it could publish. As the vulnerability is detected at the stage of the independent closed tests, the alarm manufacturing companies were reported immediately. So far, the vulnerability, which affects around 3 million vehicles in the world, is closed and does not pose a threat.

Using the stated vulnerability, anyone could access the remote account of an authorized vehicle owner. The defects in the user interface on the support servers make it possible to replace the user's email address with any other unauthorized address and to execute a password reset operation and then send the password to the address of the assailant. It was easy for researchers to call their report so easy. "Going in 6 seconds".

After receiving the user password and logging into the smartphone account, you could launch an application that allowed you to monitor the movement of the vehicle on the map, turn off the engine to force the door to stop and open the doors , and listening to conversations and recording in the cabin using the microphone provided for the alarm with rescue services and technical support.

To date, as mentioned above, the vulnerability found can not be used. According to the signaling companies, during the short period when there was an opportunity to drop, no data was stolen. None of the car owners with Pandora and Viper alarm systems (Clifford) had suffered harm or damage from the vulnerability.

If you notice a mistake, select it with the mouse and press CTRL + ENTER.

Source link