all InfoSec news
‘No evidence of malicious access,’ Toyota says about serious bug exploited by outside researcher
Malware Analysis, News and Indicators - Latest topics malware.news
Toyota says it has fixed a vulnerability discovered by an outsider that allowed for widespread access to a platform used by employees to coordinate operations.
Security researcher Eaton Zveare published a blog post Monday explaining how he managed to gain full control of the web app, called the Global Supplier Preparation Information Management System (GSPIMS), in October 2022. The platform is used to coordinate projects, parts, surveys, purchases and more.
“We promptly remediated the reported vulnerability and confirmed that there …
access app blog blog post bug called control eaton eaton zveare employees exploited global information information management malicious managed management october operations platform preparation projects researcher security security researcher serious supplier system the web toyota vulnerability web web app