CVE-2020-10269

Name of the Vulnerable Software and Affected Versions MiR100 (affected versions not specified) MiR200 (affected versions not specified) MiR250 (affected versions not specified) MiR500 (affected versions not specified) MiR1000 (affected versions not specified)

Description A wireless interface in certain MiR fleet vehicles comes pre-configured in WiFi Master (Access Point) mode with default and widely known SSID and passwords. This information has been available in past User Guides and manuals distributed by the vendor. The issue has been confirmed in MiR100 and MiR200, and it may also apply to other models.

Recommendations For MiR100, consider changing the default SSID and password to secure the wireless Access Point. For MiR200, update the wireless interface configuration to use unique and secure SSID and passwords. For MiR250, MiR500, and MiR1000, if the issue applies, change the default wireless Access Point settings to secure credentials. As a temporary workaround, consider disabling the WiFi Master mode until secure configurations can be implemented.