Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2019-9493
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
MyCar Controls uses hard-coded credentials
Source: NVD (National Vulnerability Database)
Vulnerability Description
The MyCar Controls of AutoMobility Distribution Inc., mobile application contains hard-coded admin credentials. A remote unauthenticated attacker may be able to send commands to and retrieve data from a target MyCar unit. This may allow the attacker to learn the location of a target, or gain unauthorized physical access to a vehicle. This issue affects AutoMobility MyCar versions prior to 3.4.24 on iOS and versions prior to 4.1.2 on Android. This issue has additionally been fixed in Carlink, Link, Visions MyCar, and MyCar Kia.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用硬编码的凭证
Source: NVD (National Vulnerability Database)
Vulnerability Title
AutoMobility Distribution MyCar Controls 信任管理问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
AutoMobility Distribution MyCar Controls是加拿大AutoMobility Distribution公司的一款用于远程启动、锁定、解锁和定位车辆的应用程序。 AutoMobility Distribution MyCar Controls 3.4.24之前版本(iOS)和 4.1.2之前版本(Android)中存在安全绕过漏洞。攻击者可利用该漏洞获取受影响设备的未授权访问权限,获取敏感信息或绕过身份验证机制并执行未授权的操作。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
AutoMobility Distribution Inc.MyCar Controls unspecified ~ 3.4.24 -
AutoMobility Distribution Inc.MyCar Controls unspecified ~ 4.1.2 -
II. Public POCs for CVE-2019-9493
#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2019-9493
Please Login to view more intelligence information
IV. Related Vulnerabilities
Same weakness: CWE-798
V. Comments for CVE-2019-9493

No comments yet

Leave a comment