RedHunt Labs, a cybersecurity firm, recently discovered a critical exposure on the public internet that could have posed severe risks to the security of Mercedes-Benz and potentially other major companies.
The issue involved the exposure of an authentication token linked to a Mercedes-Benz employee. This token was found on GitHub, a widely accessible platform, leaving it open to abuse by unauthorized individuals.
The security flaw was identified during RedHunt Labs’ routine examination in January, but it had been present since September of the preceding year.
The authentication token, if misused, had the potential to grant unauthorized access to a dedicated server owned by Mercedes-Benz.
This server housed confidential plans, designs, and other sensitive information crucial to the company’s operations. Additionally, it stored special keys and passwords that, if exploited, could have resulted in significant disruptions to Mercedes-Benz’s computer systems.
Compounding the severity of the situation, the exposed code not only revealed the inner workings of Mercedes-Benz’s software but also provided access to keys associated with servers belonging to major corporations such as Microsoft and Amazon. Although no customer information was compromised on the affected server, the implications of such a breach were far-reaching.
RedHunt Labs promptly reported the issue to a technology news website, which in turn alerted Mercedes-Benz. The automaker acted swiftly to rectify the problem, taking immediate steps to remove the exposed code from the public GitHub repository.
Mercedes-Benz attributed the incident to a mistake made by one of its employees and has launched an investigation to prevent similar occurrences in the future.
The company is implementing additional security measures to fortify its systems and ensure the protection of sensitive data. As of now, it remains unclear whether any malicious actors exploited the exposed code to compromise Mercedes-Benz’s business. The company is currently reviewing its records to identify any unusual activities that might have occurred during the period the vulnerability existed.