AlphaAtlas
Security researchers from Pen Test Partners claim they've found serious security vulnerabilities in high-end car alarm services from Viper and Pandora. In a quick demonstration, the researchers showed a potential attacker could pull up behind a moving vehicle with one of the commercial security systems installed, set off the alarm, disable the engine, unlock the doors, then drive off with it in a matter of minutes. On top of that, the researchers say they could geolocate vehicles, pull up owner and car details, and in some cases, adjust cruise control speed or snoop on drivers through a microphone. The researchers say the exploits affect up to 3 million vehicles around the world, and confirmed that the vulnerabilities they found were quickly fixed by the manufacturers, but note that they "have no idea if there are other vulnerabilities in the API."
Check out the researchers' video here.
Amazingly, the vulnerabilities are relatively straightforward insecure direct object references (IDORs) in the API. Simply by tampering with parameters, one can update the email address registered to the account without authentication, send a password reset to the modified address (i.e. the attacker's) and take over the account. It's possible to geo-locate and follow a specific vehicle, then cause it to stop and unlock the doors. Hijack of the car and driver is trivially easy. We found the flaws prior to fitting the alarms, but wanted to purchase and fit them to our vehicles for a full proof of concept.
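For readers who want to see the class of bug the quote describes, here is an added example (not from the post, the researchers, or either vendor) of an email-update handler with the IDOR pattern next to a hardened one. The account store, function names, parameter names and status codes are all assumptions made up for the illustration.

```python
import copy
import secrets

# Constructed sample data: a toy account store, not the vendors' real schema.
SAMPLE_ACCOUNTS = {
    101: {"email": "alice@example.test", "pending_email": None},
    102: {"email": "bob@example.test", "pending_email": None},
}

def new_store():
    """Return a fresh (accounts, sessions) pair for each run."""
    return copy.deepcopy(SAMPLE_ACCOUNTS), {}

def login(sessions, user_id):
    """Issue an opaque session token bound server-side to one user id."""
    token = secrets.token_hex(16)
    sessions[token] = user_id
    return token

def update_email_vulnerable(accounts, params):
    """IDOR: the target account comes from the request, with no caller check."""
    accounts[int(params["id"])]["email"] = params["email"]
    return 200

def update_email_hardened(accounts, sessions, token, params, audit):
    """Authenticate first, then authorise the caller against the object it names."""
    caller = sessions.get(token)
    if caller is None:
        audit.append(("unauthenticated", params.get("id")))
        return 401
    if str(params.get("id")) != str(caller):
        audit.append(("cross-account", caller, params.get("id")))
        return 403
    # Stage the change: password resets keep going to the verified address
    # until the new one is confirmed (confirmation flow is outside this example).
    accounts[caller]["pending_email"] = params["email"]
    return 202

def reset_destination(accounts, user_id):
    """Address a password-reset mail would be sent to."""
    return accounts[user_id]["email"]

if __name__ == "__main__":
    req = {"id": "101", "email": "x@example.test"}
    accounts, sessions = new_store()
    update_email_vulnerable(accounts, req)
    print("vulnerable, reset goes to:", reset_destination(accounts, 101))
    accounts, sessions = new_store()
    audit = []
    status = update_email_hardened(accounts, sessions, login(sessions, 102), req, audit)
    print("hardened:", status, reset_destination(accounts, 101), audit)
```

The audit entries for 401 and 403 responses are the thing to alert on: repeated cross-account attempts from one session are what parameter tampering looks like in logs.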