Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 15/01/2020 Updated: 24/01/2020

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

The MyCar Controls of AutoMobility Distribution Inc., mobile application contains hard-coded admin credentials. A remote unauthenticated attacker may be able to send commands to and retrieve data from a target MyCar unit. This may allow the malicious user to learn the location of a target, or gain unauthorized physical access to a vehicle. This issue affects AutoMobility MyCar versions before 3.4.24 on iOS and versions before 4.1.2 on Android. This issue has additionally been fixed in Carlink, Link, Visions MyCar, and MyCar Kia.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mycarcontrols mycar controls

CWE-798 https://www.kb.cert.org/vuls/id/174715/https://mycarcontrols.com/https://www.securityfocus.com/bid/107827 https://play.google.com/store/apps/details?id=app.com.automobility.mycar.control https://itunes.apple.com/us/app/mycar-controls/id1126511815 https://nvd.nist.gov https://www.kb.cert.org/vuls/id/174715

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-9493

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect