Hopechart · Hopechart Hqt-401 Telematics Unit · CVE-2023-3028
**Name of the Vulnerable Software and Affected Versions**
HopeChart HQT-401 telematics unit version 201808021036
HopeChart HQT-401 telematics unit versions prior to the fixed version (fixed version not specified)
**Description**
Insufficient authentication in the MQTT backend allows an attacker to access and manipulate the telemetry data of the entire fleet of vehicles. The MQTT backend does not require authentication, allowing unauthorized connections. Vehicles publish telemetry data as messages in public topics, and the backend sends commands as MQTT posts in public topics, allowing an attacker to access confidential data. MQTT messages are not encrypted or authenticated, enabling an attacker to impersonate a vehicle or the backend and inject data into a vehicle's CAN bus by sending a specific MQTT message on a public topic.
**Recommendations**
For version 201808021036, consider disabling the MQTT backend until a patch is available to prevent unauthorized access.
For versions prior to the fixed version, restrict access to public topics to minimize the risk of exploitation.
As a temporary workaround, consider encrypting and authenticating MQTT messages to prevent impersonation.
Avoid using public topics for sensitive data until the issue is resolved.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
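Application-layer authentication of MQTT payloads, of the kind the workaround above suggests, as an added example that is not code from the advisory or from the vendor. It assumes a per-vehicle shared key provisioned out of band (the constructed keys below stand in for that) and uses HMAC-SHA256, which gives origin and integrity checking but not confidentiality; the MAC is bound to the sender, the topic and a timestamp/nonce so a captured telemetry message cannot be replayed, re-published as a command, or attributed to another vehicle.

```python
import base64
import hashlib
import hmac
import json
import os
import time


class MqttMessageAuthenticator:
    """Signs and verifies MQTT payloads so a receiver can tell a real vehicle
    (or the real backend) from an impostor publishing on the same public topic."""

    def __init__(self, keys, max_skew=30):
        self.keys = keys          # device_id -> key bytes, provisioned out of band (assumed)
        self.max_skew = max_skew  # seconds of clock skew / replay window tolerated
        self.seen = set()         # (device_id, nonce) pairs already accepted; a real
                                  # receiver prunes entries older than max_skew

    def _mac(self, key, device_id, topic, ts, nonce, body):
        # Bind the MAC to sender and topic: a valid telemetry message must not verify
        # when replayed on a command topic or relabelled with another vehicle's id.
        msg = b"\0".join([device_id.encode(), topic.encode(), str(ts).encode(),
                          nonce.encode(), body])
        return hmac.new(key, msg, hashlib.sha256).hexdigest()

    def sign(self, device_id, topic, body, ts=None, nonce=None):
        """Wrap a raw payload in a signed envelope ready to publish on `topic`."""
        ts = int(time.time()) if ts is None else ts
        nonce = nonce or base64.b64encode(os.urandom(12)).decode()
        mac = self._mac(self.keys[device_id], device_id, topic, ts, nonce, body)
        env = {"id": device_id, "ts": ts, "nonce": nonce,
               "body": base64.b64encode(body).decode(), "mac": mac}
        return json.dumps(env).encode()

    def verify(self, topic, payload, now=None):
        """Return the authenticated body, or None if the message must be dropped."""
        try:
            env = json.loads(payload)
            device_id, ts, nonce = env["id"], int(env["ts"]), env["nonce"]
            body, mac = base64.b64decode(env["body"]), env["mac"]
        except (ValueError, KeyError, TypeError):
            return None                           # malformed envelope
        key = self.keys.get(device_id)
        if key is None:
            return None                           # unknown sender
        now = int(time.time()) if now is None else now
        if abs(now - ts) > self.max_skew:
            return None                           # stale or future-dated: replay
        if (device_id, nonce) in self.seen:
            return None                           # exact replay inside the window
        if not hmac.compare_digest(self._mac(key, device_id, topic, ts, nonce, body), mac):
            return None                           # forged, tampered, or wrong topic
        self.seen.add((device_id, nonce))
        return body
```

The receiver (vehicle or backend) calls `verify` with the topic the message actually arrived on and discards anything that returns None; transport-level TLS and broker credentials should still be added, this only closes the impersonation and injection path on a broker that cannot yet be fixed.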